That Shouldn’t Have Worked – An Intro to Evading AV/EDR – Corey Overstreet
October 19 @ 5:00 pm – 5:50 pm MDT
Presented by: Corey Overstreet
Endpoint protections are getting better every day. Attackers are having to change their tactics more and more to achieve execution which, in turn, makes it harder for red teams to emulate their attacks. In this talk, Corey Overstreet will be covering initial common methods used to get payloads around AV/EDR and application allow-listing.
Corey Overstreet is an experienced penetration tester and red team operator. He has been engaged with Fortune 500 organizations across a variety of industries, including financial services, government services, and healthcare. Additionally, he has over five years of systems administration and VMWare administration experience. He participated as a member of the SECCDC Red Team from 2016 through 2019.