Risky Business #265 -- Reliably detecting 0day with crash dumps

Using Dr. Watson to uncover failed exploitation attempts...
November 30, 2012 -- 

On this week's show were chatting with Rex Warren of Leviathan Security in the United States.

Leviathan has been working with DARPA on an interesting new system that can reliably detect failed 0day exploitation attempts against hosts. Basically these guys are just grabbing Dr. Watson crash dumps at the gateway, but where it gets interesting is when we look at what they do with those crash dumps. Emulation FTW.

This week's show is brought to you by the fine folk at Tenable Network Security. If you need vulnerability scanning or SIEM software you really need to go visit their website. On this week's show we're revisiting the topic of phantom 0day with Ron Gula, the chief executive and co-founder of Tenable. We'll also be chatting to him about whether or not the biggest threat to users in the future could be social engineering.

Insomnia Security consultant Adam Boileau, as always, joins us for the week's news headlines. You can find links to all articles discussed in this week's show notes.

Comments

foxie.claire's picture

The crash dumps are annoying. Would it be something we should be working out? - Feed the Children Reviews

Post new comment

The content of this field is kept private and will not be shown publicly.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.

More information about formatting options

CAPTCHA
This question is for testing whether you are a human visitor and to prevent automated spam submissions.
Image CAPTCHA
Enter the characters shown in the image.