
Defeating EDR Evading Malware with Memory Forensics

DEFCONConference via YouTube

Overview

Explore groundbreaking memory forensics techniques for detecting malware that evades Endpoint Detection and Response (EDR) systems in this DEF CON 32 conference presentation. Dive into the ongoing arms race between EDR software and malware developers, examining how attackers exploit system vulnerabilities for code injection, lateral movement, and credential theft at the lowest levels of hardware and software. Learn about innovative detection methods for various bypass techniques, including direct and indirect system calls, module overwriting, malicious exception handlers, and debug register abuse. Discover newly developed plugins for the Volatility memory analysis framework (version 3) that enhance the capability to identify sophisticated EDR evasion tactics used in high-profile attacks and by ransomware groups.

Syllabus

DEF CON 32 - Defeating EDR Evading Malware with Memory Forensics - Case, Sellers, Richard, et al.

Taught by

DEFCONConference
