all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Just Pocket Change? Examining the Cost of “Nickel and Dime” Exploit Mitigations

Add to bookmarks
Dec. 15, 2023, 10:36 p.m. | SANS Offensive Operations

SANS Offensive Operations www.youtube.com

HVCI, CET, Arbitrary Code Guard, Control Flow Guard. These words and acronyms, among others, strike a chord with most vulnerability researchers. Many of these mitigations have been seen in the community as the end of certain binary exploitation techniques. We know, however, that life has continued for vulnerability researchers — although there is now a significant cost associated with exploits.

Although these “large” exploit mitigations, which came with heavy investment from Microsoft, are notorious — this talk aims to address …

arbitrary code binary binary exploitation cet change code community control cost end exploit exploitation flow guard life mitigations nickel researchers strike techniques vulnerability

Visit resource

More from www.youtube.com / SANS Offensive Operations

Mastering Adversary Emulation with Caldera: A Practical Guide 1 month, 2 weeks ago | www.youtube.com
adversary adversary emulation application bolster +16
The Second Rule of Hacking: There Are No Rules 1 month, 2 weeks ago | www.youtube.com
attacks block businesses cat +13
From Pentest to Red Team: Overview of The Necessary Skills and Breakdown of Frameworks 1 month, 2 weeks ago | www.youtube.com
dave frameworks guide informative +10
OT Pen-testing: How Not to Sink an Oil Rig 1 month, 2 weeks ago | www.youtube.com
adversary adversary emulation application bolster +19
Fortifying Resilience: An In-Depth Exploration of the Overall Product Security Assessment Poster 1 month, 2 weeks ago | www.youtube.com
assessment attacks author course +16
SANS Pen Test 2024: A Sneak Peek Into All That's in Store! 2 months ago | www.youtube.com
austin cybersecurity cybersecurity innovation cybersecurity training +20
SANS Pen Test 2024: A Sneak Peek Into All That's in Store! 2 months, 1 week ago | www.youtube.com
austin cybersecurity cybersecurity innovation cybersecurity training +20
Learn About SEC565: Red Team Operations and Adversary Emulation 3 months ago | www.youtube.com
adversary adversary emulation course emulation +21
A Compendium of Exploits and Bypasses for eBPF-based Cloud Security 4 months, 2 weeks ago | www.youtube.com
basic cloud cloud security ebpf +13

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Information Security Engineer, Sr. (Container Hardening)

@ Rackner | San Antonio, TX
View on infosec-jobs.com

BaaN IV Techno-functional consultant-On-Balfour

@ Marlabs | Piscataway, US
View on infosec-jobs.com

Senior Security Analyst

@ BETSOL | Bengaluru, India
View on infosec-jobs.com

Security Operations Centre Operator

@ NEXTDC | West Footscray, Australia
View on infosec-jobs.com

Senior Network and Security Research Officer

@ University of Toronto | Toronto, ON, CA
View on infosec-jobs.com
View more jobs