Gain Top-Notch Cyber Security Skills at SANS Miami 2019. Save $200 thru 12/19!

Webcasts

To attend this webcast, login to your SANS Account or create your Account.

Improving Your Defenses - EMET & Window Defender Exploit Guard

  • Tuesday, February 13th, 2018 at 10:30 AM EST (15:30:00 UTC)
  • Erik Van Buggenhout and Stephen Sims
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account. Click the Register Now button after you have logged in to view the Webcast.

You can now attend the webcast using your mobile device!

Overview

Defeating Advanced Adversaries - a webcast series. Microsoft's Enhanced Mitigation Experience Toolkit (EMET) is end of life in July 2018. Due to customer demand, they decided to roll it into the Windows 10 Fall 2018 Creator's Update as part of Windows Defender Exploit Guard. If you installed this update and already had EMET, you likely noticed that it was automatically deleted to avoid conflict. Granular control for each exploit mitigation per application is possible, as well as audit mode. Join us as we walk through each of these exploit mitigations and discuss their effectiveness.

Watch Part 1 and Part 3 in the Defeating Advanced Adversaries Series

Speaker Bios

Stephen Sims

Stephen Sims is an industry expert with over 15 years of experience in information technology and security. Stephen currently works out of San Francisco as a consultant. He has spent many years performing security architecture, exploit development, reverse engineering, and penetration testing. Stephen has an MS in information assurance from Norwich University and is a course author and senior instructor for the SANS Institute. He is the author of SANS' only 700-level course, SEC710: Advanced Exploit Development, which concentrates on complex heap overflows, patch diffing, and client-side exploits. Stephen is also the lead author on SEC660: Advanced Penetration Testing, Exploits, and Ethical Hacking. He holds the GIAC Security Expert (GSE) certification as well as the CISSP, CISA, Immunity NOP, and many other certifications. In his spare time Stephen enjoys snowboarding and writing music.


Erik Van Buggenhout

Erik Van Buggenhout is the lead author of SEC599 - Defeating Advanced Adversaries. In addition to SEC599, Erik teaches SEC560 - Network Penetration Testing & Ethical Hacking and SEC542 - Web Application Penetration Testing & Ethical Hacking. He has been involved with SANS since 2009, first as a Mentor, working his way to Community Instructor in 2012 and finally becoming a Certified Instructor in 2016.

Erik loves explaining deeply technical concepts by using war stories, adding a few funny anecdotes here and there. As a testimony of his technical expertise, he has obtained the GSE, GCIA, GNFA, GPEN, GWAPT, GCIH, and GSEC certifications.

In addition to his work with SANS, Erik is the co-founder of Belgian cyber security firm NVISO, which focuses on high-end cyber security services, specializing in government, defense and the financial sector. Together with his team of 20+ technical experts, Erik delivers a wide array of technical security services, including penetration testing, security monitoring & incident response.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.