BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//cfp.securitybsides.org.uk//bsides-london-2024//talk//V8Q
 CKM
BEGIN:VTIMEZONE
TZID:GMT
BEGIN:STANDARD
DTSTART:20001029T030000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10
TZNAME:GMT
TZOFFSETFROM:+0100
TZOFFSETTO:+0000
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000326T020000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=3
TZNAME:BST
TZOFFSETFROM:+0000
TZOFFSETTO:+0100
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-bsides-london-2024-V8QCKM@cfp.securitybsides.org.uk
DTSTART;TZID=GMT:20241214T144500
DTEND;TZID=GMT:20241214T153000
DESCRIPTION:This presentation explores the advanced use of minifilters in o
 ffensive security operations\, focusing on their application in bypassing 
 and disabling EDRs. We will delve into the architecture of EDR systems and
  common offensive uses of mini filters\, such as bypassing file system mon
 itoring.\n\nWe will then introduce a novel technique to entirely disable E
 DRs via the abuse of minifilters.\n\nThe talk will also cover the implicat
 ions for defensive security and potential countermeasures\, aiming to prov
 ide valuable insights for both offensive and defensive security profession
 als.
DTSTAMP:20260611T000633Z
LOCATION:Track 3
SUMMARY:When the Hunter Becomes the Hunted: Using Minifilters to Disable ED
 Rs - Tom Philippe
URL:https://cfp.securitybsides.org.uk/bsides-london-2024/talk/V8QCKM/
END:VEVENT
END:VCALENDAR