Denis Andzakovic
DoI is a creature of meat and bone. Security consultant bio-automata at Pulse Security, DoI's day job involves offensive security testing and research. Effectively, figuring out how systems can be compromised, and how to best defend them.
Session
When we peel back the marketing and intended use of certain software to look at what it does underneath the hood, quite a few things start to feel... malwarey... This presentation will look at how attackers can use legit security tools instead of, say, Cobalt Strike.
A rose by any other name would smell as sweet. A remote-access-trojan by any other name would... RAT just as good? Maybe it RATs even better!
You know who's really good at writing malwa^H^H^H^H^Hend-user software with remote command execution capabilities? Any number of enormously profitable megacorps with armies of developers, project managers, product owners, and so forth. The user experience for the remote-sh^H^H^H^H^H^H^H^H^Hlive-response is slick, and their software is probably running on your corporate devices already.
You know who's really really good at dumping process memory and looking for interesting things? DFIR folks, and their associated bags of legitimate tools.
This talk is going to show how legitimate security tooling can be used offensively, cover the benefits of doing so, and include some demos on how you, too, can benefit from the EPP magic quadrant vendor landscape tech synergy.