Loading…
This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
View analytic
Friday, May 20 • 4:00pm - 5:00pm
The Joy of Sandbox Mitigations

Sign up or log in to save this to your schedule and see who's attending!

When researchers think of Microsoft Windows process mitigations they’re likely to come up with DEP and ASLR. However Microsoft has been adding a number lesser known mitigations ranging from blocking Win32k system calls to reducing a sandbox’s attack surface which already assume RCE has been achieved. This presentation will describe the implementation of these less well known mitigations, some silly bypasses and bugs in their implementations as well as how you can use them in real world code to improve the security of your own applications.

Speakers
avatar for James Forshaw

James Forshaw

James is a security researcher in Google’s Project Zero. He has been involved with computer hardware and software security for over 10 years looking at a range of different platforms and applications. With a great interest in logical vulnerabilities he has numerous disclosures in a wide range of products from web browsers to virtual machine breakouts as well as being a Pwn2Own and Microsoft Mitigation Bypass bounty winner. He has... Read More →


Friday May 20, 2016 4:00pm - 5:00pm
Scruffy City Hall 32 Market Square, Knoxville, TN 37902

Attendees (25)