This series will cover the building blocks of EDR, the various ways an EDR collects data, the analysis and detection methods built on that data, and how those detections can be evaded.
Session 1: EDR Fundamentals
Topics to be covered
1. What is an #EDR
2. Building blocks of EDR
3. Common EDR features
4. Process events
   4.1 Common event sources
       4.1.1 #Linux Audit Subsystem
       4.1.2 #eBPF
       4.1.3 System call tracepoints
   4.2 Process event metadata
5. Common detection mechanisms
   5.1 Command line
   5.2 Process tree
6. Evasion from process event detection
   6.1 #Spoofing the ELF file name
   6.2 #Poisoning the command line
   6.3 Poisoning the process tree
Speakers: Adhokshaj Mishra, Siddharth Sharma
Duration: 1-1.5 hr
Date and time: Jul 31, 2021 04:00 PM
Registration Link: https://vapra.shiksha/register-for-next-varta/
An initiative for #Cybersecurity Varta
Please follow us on the following platforms for regular updates.
https://t.me/VapraShiksha (Central Node for all Info)