
Inside the Mind of the Attacker: EDR Blind Spots and Exploits
Attackers aren’t standing still and neither are their evasion tactics. This session dives into how adversaries bypass EDR detection, from classic obfuscation to advanced in-memory techniques. You’ll get a breakdown of how anti-malware systems (AV, EDR, XDR, etc.) work, and how they’re being defeated. Expect real-world examples, cutting-edge evasion methods like PE and reflective DLL injection, and actionable strategies to fortify your defenses against these evolving threats.

Key Highlights:
- How Detection Works: AV, EDR, XDR basics (signatures, heuristics, behavior analytics)
- Common Evasion Techniques: obfuscation, packers, crypters, fileless malware, etc.
- Advanced Evasion Methods: PE injection and reflective DLL injection, along with other real-world examples
- Defensive Strategies: behavioral analytics, advanced threat detection, and threat intelligence integration
Speaker
Marvin Ngoma
Elastic, Principal Security Architect, Security Evangelist
Marvin is a seasoned consultant and security architect. He has a strong passion for helping organizations succeed in their cybersecurity programs. He has led many projects in both the private and public sectors, architecting and building Security Operations and Intelligence capabilities; unifying tools, processes, and people. Prior to joining Elastic, Marvin worked as a security consultant at IBM and was the primary SME for QRadar in the Nordics. In addition to his work with clients, Marvin...