Overview
Explore the state of vulnerability exploits in 2016 through this comprehensive conference talk from AppSecEU in Rome. Gain insights into the number of vulnerabilities, understand the concepts of vulnerabilities and exploits, and learn about exploit databases and kits. Discover the top exploit kits, defense strategies, and most affected vendors. Analyze exploit trends, including local vs. remote exploits and lateral movement techniques. Examine the importance of addressing exploits for end-of-life applications and learn effective prioritization methods. Conclude with practical steps to enhance cybersecurity and protect against evolving threats in the digital landscape.
Syllabus
Introduction
Agenda
Number of vulnerabilities
What is a vulnerability
What is an exploit
Exploit Databases
Exploit Kits
Exploit Kit Example
Exploit Kit Web UI
Top Exploit Kits
How can we defend
Most affected vendors
Targeted OS
Local vs Removed
Exploit Trends
Local vs Remote
Lateral Movement
Examples
Why this is important
Exploits for endoflife applications
Endoflife application
Prioritization
Exploit Kit
What can we do
Outro
Taught by
OWASP Foundation