Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Veni, No Vidi, No Vici - Attacks on ETW Blind EDR Sensors

Black Hat via YouTube

Start learning Write review
Corporate Finance Institute Ad

Learn Excel & Financial Modeling the Way Finance Teams Actually Use Them

Learn More → GetSmarter Ad

Most AI Pilots Fail to Scale. MIT Sloan Teaches You Why — and How to Fix It

Learn More →

Overview

Google, IBM & Meta Certificates — All 10,000+ Courses at 40% Off
One annual plan covers every course and certificate on Coursera. 40% off for a limited time.
Get Full Access
Explore a critical vulnerability in Event Tracing for Windows (ETW) that can render Endpoint Detection & Response (EDR) solutions ineffective in this 42-minute Black Hat conference talk. Delve into the intricacies of ETW, a built-in Windows feature originally designed for software diagnostics but now essential for EDR security. Understand how ETW's deep integration with the Windows kernel and involvement in numerous API calls makes it a prime target for malware attacks. Learn about the alarming discovery that malware countermeasures can disable ETW, potentially rendering an entire class of EDRs useless. Gain insights from security experts Andrey Golchikov, Igor Korkin, and Claudiu Teodorescu as they discuss the implications of this vulnerability and its impact on cybersecurity defenses.

Syllabus

Veni, No Vidi, No Vici: Attacks on ETW Blind EDR Sensors

Taught by

Black Hat

Reviews

Start your review of Veni, No Vidi, No Vici - Attacks on ETW Blind EDR Sensors

Start learning

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.