Technical Tuesday – 9 June 2015 – Using EMET to Defend Against Targeted Attacks; presented by Robert Hensing of Microsoft

Posted on Jun 9, 2015 in Events Archive

0-day vulnerabilities that are able to bypass platform-level exploit mitigation technologies such as DEP and ASLR are becoming increasingly common. Knowledge workers are increasingly targeted by adversaries seeking to gain a foothold in your enterprise via spear-phishing and watering-hole-style attacks that leverage 0-day vulnerabilities in commonly used applications such as Internet Explorer, Adobe Reader and Oracle’s Java. Many organizations are still running Windows XP, which has not received security updates since April 2014. This presentation discusses a free exploit mitigation toolkit called EMET that can be installed on all currently supported versions of Windows to significantly raise the bar for attackers by offering novel exploit mitigation techniques pioneered by the Microsoft Trustworthy Computing division and independent security researchers from around the world.

Presented by: Robert Hensing of Microsoft

Robert is a 16-year veteran of Microsoft and was a founding member of the Microsoft Product Support Service Incident Response team, where he developed the first version of the WOLF (Windows Online Forensics) toolkit that is still used to this day for performing live response to security incidents reported by Microsoft customers. From there Robert became a founding member of the MSRC Engineering Defense team, where he performed vulnerability root cause analysis, looked for workarounds and mitigations to product vulnerabilities that could be documented in security advisories and bulletins, and provided signatures and detection logic for Microsoft Active Protections Program customers. Robert is now a Principal Consultant for the National Security Group, where he creates custom software solutions using C# for the Department of Defense.