A new defense against kernel-mode exploits
Over the past many years, there’ve been a plethora of security solutions available for Windows-based endpoints, but most of them are helpless against malicious code targeting the kernel – even when we employ layered security and stack them one upon the other.
The time has come to change the security paradigm and architecture, say Rafal Wojtczuk and Rahul Kashyap. “Windows kernel vulnerabilities are frequent, and this is not going to change anytime soon,” they say. “We have to live with them and be able to defend against them.”
In this podcast recorded at Hack In The Box Amsterdam 2014, they propose a solution to the problem.
Listen to the podcast here.
Rafal Wojtczuk, Principal Security Architect at Bromium, has specialized in kernel and virtualization security, over the years he has disclosed many security vulnerabilities in popular operating system kernels and virtualization software. He is also the author of libnids, a low-level packet reassembly library.
Rahul Kashyap is Chief Security Architect, Head of Security Research at Bromium. Before joining Bromium, he led the worldwide Vulnerability Research teams at McAfee Labs. He has led cyber defense technologies focused on exploit prevention and mitigation for both host and network related products.