Play all

Intro

Who am I

How we got here

Methodology

Atomic Red Team

Malware

MS Venom

Not PowerShell NPS

Results

Conclusions

Vendor Claims

Clear Winner

Configuration Changes

False Positives

Did we have anything additional

Can the end point solution catch it

Can we bypass it

Can we cripple it

Test environment

Automation

Standard User

Containment

Success Failure

Does NDA Expire

Vendors Watching

Did the vendors threaten legal action

Did they know I was going to talk about Next Gen AV

Description:

Explore endpoint protection testing and next-generation antivirus bypass techniques in this 42-minute conference talk from Derbycon 2019. Delve into Kevin Gennuso's methodology, covering topics such as Atomic Red Team, malware, and MS Venom. Learn about vendor claims, configuration changes, false positives, and test environments. Discover insights on containment, automation, and standard user scenarios. Gain understanding of success and failure metrics, NDA considerations, and vendor reactions to testing. Uncover the intricacies of evaluating endpoint security solutions and their effectiveness against modern threats.

Testing Endpoint Protection - How Anyone Can Bypass Next Gen AV

Add to list

#Conference Talks #Information Security (InfoSec) #Cybersecurity #Penetration Testing #Malware Analysis #Art & Design #Visual Arts #Digital Art #Endpoint Security #Endpoint Protection #Computer Security #Antivirus Software #Atomic Red Team

0:00 / 0:00