ThreatFeed
Linkedin-in Youtube Facebook-f
VMRay Pricing
Try VMRay

[SANS Webcast] Power! Unlimited Power! Understanding the Techniques of Malicious Kernel-Mode Code

The kernel-mode of Windows is a pathway to many abilities some consider to be unnatural.

For many malware developers, implementing kernel-mode code is too challenging. The required low-level development is not just time-consuming, but also error-prone and each error can lead to a full system crash, causing the attack to fail.

But threat actors who overcome these challenges get access to power which no user-mode application can wield.

Diving into kernel-mode allows attackers to exploit drivers and the system to escalate privileges, implement effective payloads, and hide malware from security products and incident responders.

In this webcast, attendees will learn:

Attackers goals and techniques for implementing kernel-mode code
The techniques used to execute that code and bypass existing OS security controls
Tips for analyzing kernel-mode code with the goal of building better defenses

Try VMRay

Covered in The Webinar

About The Speakers

Patrick Staubmann

Threat Researcher

Patrick Staubmann joined VMRay as a threat researcher back in 2019. As part of the Threat Analysis team, he continuously researches the threat landscape and conducts analyses of malware samples in depth. To further improve the companies’ product, he also extends its detection capabilities in form of behaviour-based rules, YARA rules, and configuration extractors. He is especially interested in reverse-engineering, low-level system security and exploitation.

Fatih Akar

Security Product Manager

As the Security Product Manager of VMRay, Fatih Akar leads the Advanced Threat Detection & Analysis related product initiatives. Before joining the products team, he worked as a Solution Engineer at VMRay, liaising between customers, quality assurance, and product management. Before joining VMRay, Fatih held various security engineering roles in large enterprises which operate in multi-national locations.

Explore Valuable Cybersecurity Resources

Request A Free Trial Now

Subscribe to our Newsletter

Linkedin-in Youtube Facebook-f

Solutions

Products

Why VMRay

Resources

Missed the headlines?

We’re featured in:

image 15
image 16
image 17
image 18
© Copyright 2024 VMRay

ThreatFeed

Linkedin-in Youtube Facebook-f
VMRay Pricing
Try VMRay