|
Dangerous Contents - Securing .Net Deserialization
|
|
|
Detecting compromise on Windows endpoints with osquery
|
|
|
Out of The Truman Show: VM escape in VMware gracefully
|
Lei Shi
,
Mei Wang
,
Qihoo 360
|
|
PIE - An Active Defense PowerShell Framework for Office365
|
Greg Foss
,
LogRhythm
|
|
KERNELFAULT: R00ting the Unexploitable using Hardware Fault Injection
|
|
|
Raising the Bar: New Hardware Primitives for Exploit Mitigations
|
Rob Turner
,
Qualcomm Technologies
|
|
Tales from the SOC: Real-world Attacks Seen Through Defender ATP
|
Brian Hooper
,
Jagadeesh
,
Parameswaran
,
Microsoft Corporation
|
|
All your cloud are belong to us; hunting compromise in Azure
|
Nate Warfield
,
Ben Ridgway
,
Microsoft Corporation
|
|
Detection is not a classification: reviewing machine learning techniques for cybersecurity specifics
|
Alexander Chistyakov
,
Kaspersky Lab
|
|
28 Registrations Later: Measuring the Exploitation of Residual Trust in Domains
|
|
|
"_____ Is Not a Security Boundary." Things I Have Learned and Things That Have Gotten Better from Researching Microsoft Software
|
Matt Nelson
,
SpecterOps
|
|
Account Compromise 2017: in the Trenches with the Microsoft Identity Security and Protection Team
|
Alex Weinert
,
Dana Kaufman
,
Microsoft Corporation
|
|
Out of The Truman Show: VM escape in VMware gracefully
|
|
|
Baby??s First Bounty: Lessons from bypassing Arbitrary Code Guard
|
|
|
Dyre to Trickbot: An inside look at TLS-encrypted command-and-control traffic
|
Andrew Brandt
,
Symantec
|
|
A Lustrum of Malware Network Communication: Evolution and Insights
|
Chaz Lever
,
Georgia Institute of Technology
|
|
Securing Windows Defender Application Guard
|
Saruhan Karademir
,
David Weston
,
Microsoft Corporation
|
|
All your cloud are belong to us; hunting compromise in Azure
|
|
|
WannaCrypt + SMBv1.0 vulnerability = One of the most damaging ransomware attacks in history
|
|
|
Securing Windows Defender Application Guard
|
|
|
Tales from the SOC: Real-world Attacks Seen Through Defender ATP
|
|
|
Detecting compromise on Windows endpoints with osquery
|
Nick Anderson
,
Facebook
|
|
10 Years of Targeted Credential Phishing
|
|
|
Born secure. How to design a brand new cloud platform with a strong security posture
|
|
|
Detection is not a classification: reviewing machine learning techniques for cybersecurity specifics
|
|
|
Account Compromise 2017: in the Trenches with the Microsoft Identity Security and Protection Team
|
|
|
Don't let your virtualization fabric become the attack vector
|
|
|
Baby’s First Bounty: Lessons from bypassing Arbitrary Code Guard
|
Alex Ionescu
,
Crowdstrike
|
|
Mitigations for the Masses: From EMET to Windows Defender Exploit Guard
|
Mark Wodrich
,
Jasika Bawa
,
Microsoft Corporation
|
|
Keynote
|
Merike Kaeo
,
Farsight Security
|
|
TLS 1.3 - Full speed ahead... mind the warnings - the great, the good and the bad
|
Joseph Salowey
,
Tableau Software
|
|
28 Registrations Later: Measuring the Exploitation of Residual Trust in Domains
|
Yacin Nadji
,
Georgia Institute of Technology
|
|
Active Directory Security: The Journey
|
|
|
Using TLS Certificates to Track Activity Groups
|
|
|
Corrupting Memory in Microsoft Office Protected-View Sandbox
|
Yong Chuan Koh
,
MWR InfoSecurity
|
|
Mitigations for the Masses: From EMET to Windows Defender Exploit Guard
|
|
|
Down the Open Source Software Rabbit Hole
|
Kymberlee Price
,
Sam Vaughan
,
Microsoft Corporation
|
|
??_____ Is Not a Security Boundary." Things I Have Learned and Things That Have Gotten Better from Researching Microsoft Software
|
|
|
Where, how, and why is SSL traffic on mobile getting intercepted? A look at three million real-world SSL incidents
|
Alban Diquet
,
Thomas Sileo
,
Data Theorem
|
|
Raising the Bar: New Hardware Primitives for Exploit Mitigations
|
|
|
Born secure. How to design a brand new cloud platform with a strong security posture
|
Filippo Seracini
,
Lee Holmes
,
Microsoft Corporation
|
|
Extracting Secrets from Silicon - A New Generation of Bug Hunting
|
Gunter Ollmann
,
Microsoft Corporation
|
|
Extracting Secrets from Silicon - A New Generation of Bug Hunting
|
|
|
Betraying the BIOS: Where the Guardians of the BIOS are Failing
|
Alex Matrosov
,
Cylance
|
|
KERNELFAULT: R00ting the Unexploitable using Hardware Fault Injection
|
Alex Matrosov
,
Cristofaro Mune
,
Riscure B.V.
|
|
WannaCrypt + SMBv1.0 vulnerability = One of the most damaging ransomware attacks in history
|
Andrea Lelli
,
Microsoft Corporation
|
|
Using TLS Certificates to Track Activity Groups
|
Mark Parsons
,
Microsoft Corporation
|
|
PIE - An Active Defense PowerShell Framework for Office365
|
|
|
Don't let your virtualization fabric become the attack vector
|
Dean Wells
,
Microsoft Corporation
|
|
Sednit Reloaded: The Bears' Operations From Christmas to Halloween
|
Alexis Dorais-Joncas
,
Thomas Dupuy
,
ESET
|
|
Leveraging Honeypots to Train a Supervised Model for Brute-Force Detection
|
|
|
Scaling Incident Response - 5 keys to successful defense at scale
|
|
|
Keynote
|
|
|
10 Years of Targeted Credential Phishing
|
Billy Leonard
,
Google Inc.
|
|
You Are Making Application Whitelisting Difficult
|
|
|
Disrupting the Mirai Botnet
|
|
|
Leveraging Honeypots to Train a Supervised Model for Brute-Force Detection
|
Mathias Scherman
,
Daniel Edwards
,
Tomer Koren
,
Microsoft Corporation
|
|
Go Hunt: An automated approach for security alert validation
|
Oran Brill
,
Tomer Teller
,
Microsoft Corporation
|
|
You Are Making Application Whitelisting Difficult
|
Casey Smith
,
Red Canary
|
|
A Lustrum of Malware Network Communication: Evolution and Insights
|
|
|
Go Hunt: An automated approach for security alert validation
|
|
|
Down the Open Source Software Rabbit Hole
|
|
|
Dyre to Trickbot: An inside look at TLS-encrypted command-and-control traffic
|
|
|
TLS 1.3 - Full speed ahead... mind the warnings - the great, the good and the bad
|
|
|
Corrupting Memory in Microsoft Office Protected-View Sandbox
|
|
|
Betraying the BIOS: Where the Guardians of the BIOS are Failing
|
|
|
Scaling Incident Response - 5 keys to successful defense at scale
|
Matt Swann
,
Microsoft Corporation
|
|
Active Directory Security: The Journey
|
Sean Metcalf
,
Trimarc
|
|
Where, how, and why is SSL traffic on mobile getting intercepted? A look at three million real-world SSL incidents
|
|
|
Disrupting the Mirai Botnet
|
Chuck McAuley
,
Ixia Communications
|
|
Sednit Reloaded: The Bears' Operations From Christmas to Halloween
|
|
|
Dangerous Contents - Securing .Net Deserialization
|
Jonathan Birch
,
Microsoft Corporation
|