Branden Carter

Branden has been working in IT for 13 years and the security field for 8 of those. He spends most of his time working on endpoint defense, logging, tactical SIEM, and firewall administration. Occasionally he blogs about something that he finds interesting that solves problems in unique ways. Branden is also involved with and appreciates support for https://www.hackersforcharity.org.

Anti-exploit mitigations

Life After EMET – Breaking Modern Attack Chains with Windows 10

At the 2015 Boise ISSA conference I presented anti-exploit capabilities of Microsoft EMET and demonstrated their effectiveness against some attack techniques in use at that time. On July 31, 2018 Microsoft discontinued support for EMET. Why was EMET discontinued? Can we still get protections it offered in Windows 10? In this presentation we will look at the anti-exploit mitigations in Windows 10, as well as some new (and old) anti-malware capabilities that go beyond the capabilities of EMET. We will see how these mitigations work together, stopping even advanced attack techniques with capabilities built into Windows 10.