05.08.2016 • Views

Share Embed Flag

Problem

us-16-Weston-Windows-10-Mitigation-Improvements

ePAPER READ

DOWNLOAD ePAPER

hosselot

Create successful ePaper yourself

Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.

START NOW

• S

Problem:

Preventative Security

Attackers are agile, adaptive, and results

focused – effective techniques often

don’t map to security boundaries

• Preventative Strategy – SDL “Find all the

bugs” before shipping

• Static Security Boundaries – vulnerability

equals “game over”

• Focus on component level security –

customer assets, configuration, 3 rd party

software largely out-of-scope

• Investigation of exploit and other attack

techniques out-of-scope

• Engineering driven - Focus on

abstraction to support scale and process

• Mitigation design and offensive security

research is ad-hoc and specialized

Market value for exploits is 10x

vulnerabilities – preventative security is

focused on lowest value asset

Attackers invest in developing tool sets

and libraries – no proactive disruption,

reactive response only after attacks

The cost for attackers is unknown – The

current approach to security is abstracted

from attacks – security effectiveness

against real attacks unknown

“Assume breach” mitigation strategy augments preventative security

Windows 10 x64 Edge Browser 0day and exploit

A JOURNEY FROM JNDI/LDAP MANIPULATION TO REMOTE CODE EXECUTION DREAM LAND

ANALYSIS OF THE ATTACK SURFACE OF WINDOWS 10 VIRTUALIZATION-BASED SECURITY

• S Problem: Preventative Security Attackers are agile, adaptive, and results focused – effective techniques often don’t map to security boundaries • Preventative Strategy – SDL “Find all the bugs” before shipping • Static Security Boundaries – vulnerability equals “game over” • Focus on component level security – customer assets, configuration, 3 rd party software largely out-of-scope • Investigation of exploit and other attack techniques out-of-scope • Engineering driven - Focus on abstraction to support scale and process • Mitigation design and offensive security research is ad-hoc and specialized Market value for exploits is 10x vulnerabilities – preventative security is focused on lowest value asset Attackers invest in developing tool sets and libraries – no proactive disruption, reactive response only after attacks The cost for attackers is unknown – The current approach to security is abstracted from attacks – security effectiveness against real attacks unknown “Assume breach” mitigation strategy augments preventative security

Page 4 and 5: Strategy: Analyze Analyze comprehen
Page 6 and 7: # of CVEs Analysis: High-level vuln
Page 8 and 9: Success Story: 0day exploit in Inte
Page 10 and 11: “Assume Breach” PWN2OWN & Data
Page 12: REDTEAM BLUETEAM Offensive security
Page 17 and 18: 100% 90% 80% 70% 60% 50% 40% 30% 20
Page 19 and 20: Tactic Applies to First shipped Eli
Page 22: CVE-2003-0344 Trigger stack buffer
Page 25 and 26: Corrupt a C++ virtual table pointer
Page 27 and 28: Execute arbitrary native code Only
Page 30 and 31: Windows Hyper Guard • Prevents m
Page 32: Mitigation How to opt-in Control Fl
Page 36: Rapidly Respond • Mobilize engine
Page 39: The number of Microsoft vulnerabili

Problem

Create successful ePaper yourself

Delete template?

Save as template?