Detect Me If You Can

BSidesROC 2018

Presented by: Ben Ten (Ben0xA)
Date: Saturday April 14, 2018
Time: 09:00 - 09:50
Location: Track 1

As long as there is a "Patch Tuesday", and software has bugs, there will always be an attack vector to which defensive controls are unable to defend. This is because most defensive strategies have focused on stopping attacks at their initial vector. In this talk, I will go over how I attack and bypass most deflection controls and go under the detection radar. I will then highlight the areas where defenders can begin to build a detection defense which will identify attacker behavior regardless of the initial vector. I will run through attacks I have used, which bypass several deflective controls, and show you how you can create detection controls to detect me; that is, if you can.

Ben Ten

Ben Ten is a Senior Security Consultant with TrustedSec doing penetration testing and consulting. He has spent over 15 years doing Application & Web Development; Security Implementation, Consulting, & Training; Federal Regulation and Compliance oversight in relation to Information Technology (HIPAA, HITECH, PCI); and managing a team of developers and IT professionals. He is creator of the PoshSec Framework and works with the PoshSec development team. He has spoken at several conferences over the past 5 years including ShowMeCon, DerbyCon, BSides Chicago/Raleigh/Dallas Fort Worth, HackCon Norway, and more.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats