Overview
Explore a critical defensive research gap in Linux memory forensics through this 25-minute Black Hat conference talk. Delve into the efforts to address a significant blind spot in the Linux kernel's tracing infrastructure, which has implications for server and cloud instance security. Learn how advances in kernel development have outpaced forensic capabilities, potentially allowing attackers to remain undetected. Gain insights from security experts Andrew Case and Golden Richard as they present their findings and solutions to enhance Linux memory forensics techniques.
Syllabus
Fixing a Memory Forensics Blind Spot: Linux Kernel Tracing
Taught by
Black Hat