Detection and Efficiency Testing of Endpoint Security Sensors

Explore detection and efficiency testing methodologies for endpoint security sensors in this 32-minute conference talk from Hack In The Box Security Conference. Gain insights into simulated targeted attacks on three different endpoint security solutions: CrowdStrike, Sophos, and Cybereason. Learn about various attack strategies used to assess the resilience of these solutions, focusing on signature-based detection, Next-Generation Antivirus (NGAV), and Machine Learning capabilities. Discover techniques for testing detection efficiency, including downloading and moving malware within victim machines, utilizing The Zoo Repository for artifact retrieval, and employing PowerShell scripts to download daily malware batches from MalwaresBazaar using API access. Benefit from the speaker's extensive experience as a Cyber Security Manager, Researcher, and educator in the field of malware analysis and cybersecurity.