Back To Schedule
Friday, May 5 • 4:00pm - 5:00pm
Exploit Kits Explained

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Exploit kits (EKs) first appeared in 2006 but their initial growth was limited by the high level of technical expertise required to use them. Over time, however, EKs have steadily evolved into easy to use (and important) tools in the growing Crimeware-as-a-Service (CaaS) industry. Due to their effectiveness in delivering many different kinds of malware, Blue Teams should understand them. This presentation will begin by differentiating an exploit from a payload. It will then define the term exploit kit and discuss their most common characteristics, including their management consoles and delivery techniques. To give attendees some perspective, the presentation will examine several famous EKs to explain what makes them so successful. Attendees will then be led through an example EK Infection Chain, including a discussion of the crucial role that DNS plays in EK effectiveness. The session will close with a discussion of current best practices for protecting against EKs and predictions of what Blue Teams can expect to see from EKs in the future.

At the end of this presentation participants will be able to:
•Explain what exploits kits are and what they are most commonly used for
•Describe the relationship between exploit kits and Crimeware-as-a-Service (CaaS)
•Describe the difference between an exploit and a payload
•Name exploit kit components and architecture
•Discuss exploit kit delivery methods
•List the prerequisites required for an exploit kit to successfully compromise a device
•Deploy those best practices that will most protect against exploit kits
•Explain why exploit kits will continue to threaten all types of organizations for the foreseeable future

avatar for David Vargas

David Vargas

Professor, Several Colleges
David Vargas is a professor of cybersecurity at several local colleges and universities in the Washington, DC area. He has worked extensively in cybersecurity in both the public and private sectors and often shares his expertise at security conferences and professional meetings nationwide... Read More →

Friday May 5, 2017 4:00pm - 5:00pm EDT
KEC 17 Market Square #101, Knoxville, TN 37902