Matthew Green

I am a DFIR and detection guy from Sydney, Australia.

Endpoint Hunting in an AntiEDR World


With the proliferation of EDR we have seen attackers at all levels upping their game to bypass brittle (and not so brittle) endpoint detection. This talk showcases the background to EDR technology and some practical real-world examples of detection bypasses.

Originally presented at a local SANS and community event (modified with additional presentations since). Download slides

Hunting Penguin