This is an overview and demo of Microsoft EMET. We'll start by talking about hard-to-patch software like Java and move into what the EMET is, how it works, deployment strategies, and deployment targets. We'll then move on to a demonstration of effectiveness using real-world attacks against a vulnerable system without EMET, and then those same attacks against the same system with EMET installed. Finally, we'll wrap up with a summary and Q&A session. This won't be an "EMET is perfect" talk or a vendor pitch. EMET's strengths and weaknesses will be discussed with a critical eye.
Kevin is a security architect and part time packet mangler. He has over 17 years of experience in both the offensive and defensive sides of information security, and has done work for a number of organizations across the technology, healthcare, finance, and retail sectors.
If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.
Copyright 2020, IronGeek