Two Days Left to get a GIAC Cert Attempt Included with Online Training through February 20!

London Spring 2016

London, United Kingdom | Mon, Feb 29, 2016 - Sat, Mar 5, 2016
This event is over,
but there are more training opportunities.

Demystifying Exploit Development

  • David Hoelzer
  • Monday, February 29th, 6:00pm - 8:00pm

Our defensive teams sometimes delay patching for many reasons. When this happens, one of the theories is that ‚Exploitation is very difficult.‚ Obviously, we‚re not talking about well known exploits that are already in exploitation tools like Metasploit, we‚re talking about vulnerabilities that have only just been revealed. The question is, is exploitation of newly discovered flaws really difficult? In this talk we will examine how a ‚security researcher‚ might take information from a CVE, create a working proof of concept and convert it into a fully working exploit, all in less than 60 minutes. We‚ll also take some detours into defensive mechanisms and discuss just how effective they are.

Bonus Sessions

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:

  • SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
  • Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
Monday, February 29
Session Speaker Time Type
Welcome to SANS David Hoelzer Monday, February 29th, 8:15am - 8:45am Special Events
Demystifying Exploit Development David Hoelzer Monday, February 29th, 6:00pm - 8:00pm Keynote
Tuesday, March 1
Session Speaker Time Type
Build ‚Muscle Memory‚ with Rekall Memory Forensic Framework Alissa Torres Tuesday, March 1st, 6:00pm - 7:00pm SANS@Night
DLP FAIL!!! Using Encoding, Steganography, and Covert Channels to Evade DLP and Other Critical Controls Kevin Fiscus Tuesday, March 1st, 7:00pm - 8:00pm SANS@Night