Security Researcher at Senhasegura and Principal Security Engineer at Talkdesk
I've been working as a Security Researcher at senhasegura and Principal Security Engineer at Talkdesk. I'm a Hacking is NOT crime advocate and RedTeam Village contributor. I'm part of the staff team of DEFCON Group São Paulo, Brazil, and an international speaker at security and new technologies events in many countries such as the US, Canada, Germany, Poland and others. I've served as a university professor in graduation and MBA courses at Brazilian colleges. In addition, I'm the creator and instructor of the courses Malware Attack Types with Kill Chain Methodology (PentestMagazine) and Malware Analysis – Fundamentals (HackerSec).
Session: Threat Hunting. Practical Proving in creative way like a detection and efficiency test in security sensors.
During this presentation we'll show our tests performed on three different endpoint security solutions (CrowdStrike, Sophos and Cybereason), where we simulate targeted attacks using many attack strategies to obtain a panoramic view of the resilience presented by the solutions with regard to the efficiency of their detection by signatures, NGAV and machine learning. We run scripts that download many malware samples onto the victim machine and move all of that malware to another folder (expecting detection without execution), we download these artifacts directly onto the victim's machine using malware from theZoo repository, and furthermore, we run PowerShell scripts that download daily malware batches provided by MalwareBazaar on request via API access.
At the end of this presentation, the team responsible for the product will have an instrument capable of guiding a process of mitigation and/or correction, as well as optimized improvement, based on the criticality of risks.
Additional information and programme of International Cybersecurity & Digital Services Protection Conference – here