This is an overview and demo of Microsoft EMET. We'll start by talking about hard-to-patch software like Java and move into what the EMET is, how it works, deployment strategies, and deployment targets. We'll then move on to a demonstration of effectiveness using real-world attacks against a vulnerable system without EMET, and then those same attacks against the same system with EMET installed. Finally, we'll wrap up with a summary and Q&A session. This won't be an "EMET is perfect" talk or a vendor pitch. EMET's strengths and weaknesses will be discussed with a critical eye.

Kevin is a security architect and part time packet mangler. He has over 17 years of experience in both the offensive and defensive sides of information security, and has done work for a number of organizations across the technology, healthcare, finance, and retail sectors.

Back to Bsides Cleveland 2015 video list