In recent years, security vendors have increased their product offerings in order to accommodate the security needs of the corporate environment in addition to desktop Anti-Virus (AV). Solutions such as end-point security, web browsing security, cloud security, server mail security, data loss prevention and so on have become an integral part of many corporate networks. Although the latest security research has focused mainly on consumer AV products, evasion techniques and scan engine vulnerabilities, very little focus has been placed on corporate security products.
Therefore, in this technical talk Steve and Roberto will share the results of their meticulous approach to enterprise security software analysis, which consisted of reverse engineering, network traffic inspection, DLL hooking, web application testing, source code review and exploit development. The research and unique approach resulted in the discovery of over one hundred remote code execution vulnerabilities and several unique attack vectors.
The talk will examine and showcase some previously unreleased vulnerabilities, novel attack scenarios, automated approaches to vulnerability discovery as well as some clever exploitation tricks. The presentation will include a montage of on-stage demonstrations of the most interesting zero-days that were discovered across different products, such as TrendMicro ScanMail for Microsoft Exchange, TrendMicro Smart Protection Center, TrendMicro Data Loss Prevention, TrendMicro Control Manager, TrendMicro InterScan Web Security Virtual Appliance, TrendMicro InterScan Messaging Security Suite, TrendMicro Threat Discovery Appliance, TrendMicro SafeSync, and TrendMicro Mobile Security Enterprise.
Steven Seeley has years of experience in application security, reverse engineering and exploit development. Currently he is a Content Developer & Security Researcher for Offensive Security. Previously, Steven has been a member of the (in)famous Corelan Security Team and has taught advanced PHP vulnerability analysis and exploitation in Mexico at the Instituto Politécnico Nacional University. Steven continues to push the boundaries of application security research and enjoys collaborating on research efforts with like-minded individuals. You can find him on Twitter at @steventseeley.
Roberto Suggi Liverani (@malerisch) focuses on intrusion testing and new methods of exploitation. Roberto has worked with companies such as Microsoft, Google, Oracle, Mozilla, HP and others by reporting and helping to fix security vulnerabilities in their products. Roberto has been a guest speaker at global security conferences, including HITBAMS, EUSecWest, Ruxcon, Kiwicon, DEFCON and HackPra AllStars. Roberto publishes his security research at: http://blog.malerisch.net