Bypassing Application Whitelisting in Critical Infrastructures

Explore application whitelisting in critical infrastructures and learn techniques to bypass security measures in this 50-minute conference talk from NorthSec. Delve into the concept of application whitelisting for hardening critical systems like SCADA environments and high-security administrative workstations. Examine the effectiveness of this approach in preventing malware execution and protecting against advanced persistent threat (APT) attacks. Discover general bypass techniques and see practical demonstrations using McAfee's application control. Learn methods to achieve code execution, bypass read and write protections, and understand user account control (UAC) bypasses on protected systems. Analyze the security of memory corruption protections and explore product-related design flaws and vulnerabilities in application whitelisting implementations.

René Freingruber - Bypassing Application Whitelisting in Critical Infrastructures