Want to get a good overview of AppLocker and the different AppLocker bypasses and at the same time learn how defenders can harden their environments to prevent them? Then this is a talk you don't want to miss.
Oddvar Moe is a Microsoft Cloud and Datacenter Management MVP, security researcher, blogger, trainer, Red teamer, speaker. He works at TrustedSec as a Senior Security Consultant where his day to day work is to test the security for various companies. He has more than 18 years of experience in the IT industry. He is passionate about Windows Security and he loves to share his knowledge with everyone.
Oddvar Moe has delivered top notch sessions in the past at conferences such as DerbyCon, IT Dev Connections, MVP Dagen, HackCon and Nordic Infrastructure Conference. Oddvar actively contributes to the security community and he is most known for his contribution around the LOLBins and the AppLocker Bypasslist. He has also discovered several weaknesses in the Windows operating system and he also got a CVE for one of the discoveries.
In his Paranoia 2019 talk "App-o-Lockalypse now!" Mr. Moe will cover a vast amount of bypass techniques and how to harden AppLocker to make it even harder to bypass. Giving you help to either start or avoid an App-o-Lockalypse. Application whitelisting is one of the best security measures you can do for your environment, but it needs to be done right. This is a talk for both Red and Blue teams. The talk will cover the most relevant bypasses found on Oddvar Moe's maintained list.