The Memory Corruption Safety Dance
Offered By: Kaspersky via YouTube
Course Description
Overview
Explore the evolution and effectiveness of memory safety vulnerability mitigation strategies in this 34-minute conference talk by Mark Dowd from Azimuth Security. Delve into the explosive growth of technologies aimed at combating memory corruption vulnerabilities over the past decade. Examine traditional and new approaches to thwarting exploitation techniques, and evaluate their impact on cybersecurity. Gain insights into the future of preventing wide-scale exploitation of memory corruption vulnerabilities through a comprehensive analysis of defense-in-depth strategies, including bug minimization, exploit mitigations, and isolation. Learn about the costs associated with vulnerability discovery and exploit development through real-world browser exploit walkthroughs from 2009 and 2015.
Syllabus
Introduction
What will we cover?
Applicability
Defense-In-Depth - A three-tiered approach
Defense-In-Depth - Bug Minimization
Defense-In-Depth - Exploit Mitigations
Defense-In-Depth - Isolation
Let's talk about cost - Discovery cost
Browser Exploit Walkthrough 2009 (UAF)
Browser Exploit Walkthrough 2015 (UAF) - Core Security (IE11) MS15-106
Let's talk about cost - Development cost
The Future
Taught by
Kaspersky
Related Courses
Computer SecurityStanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network