Hacking AppLocker cache

Abstract

Built-in application whitelisting solution greatly improves the security of the Windows operating system. But are you aware it relies on the cached data to make its operations faster? Manipulation of the cache content may lead to the protection bypass. The session focuses on the mechanism, its bypasses and mitigations.


Speakers Information


Grzegorz Tworek

Second Generation IT Professional. Since nineties, actively writing, blogging, and speaking about security, especially when it comes to Microsoft solutions. Speaker at top conferences around the world. During his career, built and managed different Security Teams, wrote dozens of tools, put some hackers to jail and got some others out of jail. Sixteen times awarded with Microsoft Most Valuable Professional award.





View Full Schedule

Subscribe to Our Mailing List

Join our community mailing list for updated on conference annoucements, important dates and discussions.