Evading EDR : sensors, telemetry, and how to bypass them

Evading EDR sensors, telemetry, and how to bypass them

"Introduces readers to the most common components of EDR systems, including function hooking, callback notifications, Event Tracing for Windows, and filesystem minifilters, by explaining how they are implemented and how they collect various data points. Covers documented evasion strategies for...

Descripción completa

Detalles Bibliográficos
Otros Autores: Hand, Matt, author (author)
Formato: Libro electrónico
Idioma:Inglés
Publicado: San Francisco, CA : No Starch Press [2024]
Materias:
Microsoft Windows (Computer file)
Penetration testing (Computer security)
Intrusion detection systems (Computer security)
Computer security > Computer programs.
Computer networks > Security measures > Data processing.
Operating systems (Computers) > Protection.
Ver en Biblioteca Universitat Ramon Llull:https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009767133106719
Descripción
Sumario:"Introduces readers to the most common components of EDR systems, including function hooking, callback notifications, Event Tracing for Windows, and filesystem minifilters, by explaining how they are implemented and how they collect various data points. Covers documented evasion strategies for bypassing detections and describes how defenders might protect themselves"--
Descripción Física:1 online resource
ISBN:9781098168742

Ejemplares similares