High Performance VM Introspection
Offered By: Security BSides San Francisco via YouTube
Course Description
Overview
Explore hypervisor memory introspection as a security solution for virtual machines in this 25-minute conference talk from BSidesSF 2019. Delve into the challenges of performance impact due to memory access restrictions and discover an innovative approach to filtering page-table accesses using an in-guest agent. Learn about the second-level address translation (SLAT) mechanism, virtualization exception (#VE), and methods for protecting the in-guest agent from potential malicious activities. Gain insights into improving page-table monitoring, performance figures, and key takeaways for implementing high-performance VM introspection in your security infrastructure.
Syllabus
Intro
About Bitdefender
About the Speakers
HOTEL TRANSYLVANIA
APT Lifecycle
APT Dwell Time
Carbanak APT
HVI Crash Course
HVI Deployment Models
Main Performance Limitations
Improving Page-Table Monitoring
Performance Figures
Takeaways
Resources
Taught by
Security BSides San Francisco
Related Courses
Early Detection through DeceptionYouTube Hack for Show, Report for Dough - Brian King
YouTube Blue Teamin on a Budget of Zero - Kyle Bubp
YouTube Windows Event Logs - Zero to Hero
YouTube Weaponizing Splunk - Using Blue Team Tools for Evil
YouTube