A guided tour of EDR bypasses up until now
Format: 30 mins
Location: The Studio
In the last few years, endpoint detection and response (EDR) has become increasingly popular within the information security industry. With more organisations adopting EDR to help prevent threats, sales of EDR solutions are expected to reach over $7 billion by 2026, and the major EDR solutions have all seen an upward trend every quarter. The success of the EDR companies highlights the widespread adoption of EDR over traditional antivirus products, which cannot keep up with the increasing frequency of attacks. To try to keep up with the pace of attackers, all EDR solutions are using Artificial Intelligence (AI) and Machine Learning (ML) driven capabilities to make defence accessible to organisations in a more automated way.
This talk will present the history of EDR bypasses in order to help the audience understand the battle between attack and defence within this space. I'll go through how an EDR system can be used in an organisation to help it better detect and respond to threats. According to Gartner's Magic Quadrant for Endpoint Protection Platforms, the top three EDR leaders are CrowdStrike, Microsoft and Symantec. I'll perform a detailed study of the history and research involved in EDR bypasses for the top three leaders, and of how it relates to and differs from traditional AV bypasses.