Deep Instinct Spotlights Need for Predictive Prevention at Black Hat and DEF CON 2023
NEW YORK, NY and LAS VEGAS (August 1, 2023) – Deep Instinct, the prevention-first cybersecurity company that stops unknown malware pre-execution with a purpose-built, AI-based deep learning (DL) framework, today announced its participation at this year’s Black Hat and DEF CON 31 conferences in Las Vegas.
Deep Instinct will showcase its award-winning, first-of-its-kind Predictive Prevention Platform at booth #2812 in the Mandalay Bay Convention Center during Black Hat. In addition, members of Deep Instinct’s Threat Research team will deliver two talks during DEF CON at the Caesars Forum.
- Contain Yourself: Staying Undetected Using the Windows Container Isolation Framework
SPEAKER: Daniel Avinoam, Security Researcher, Deep Instinct
WHEN: Friday, August 11th at 10 AM PT
WHAT: The use of containers is an integral part of any resource-efficient and secure environment. Starting with Windows Server 2016, Microsoft released its version of this solution, Windows Containers, which offers process and Hyper-V isolation modes. In both cases, an efficient file system separation should be provided. This presentation will cover the basics of Windows containers, break down its file system isolation framework, reverse-engineer its main mini-filter driver, and see how it can be utilized and manipulated by a bad actor to bypass EDR products in multiple domains.
SPEAKER: Ron Ben-Yizhak, Security Researcher, Deep Instinct
WHEN: Sunday, August 13th at 12 PM PT
WHAT: Privilege escalation is a common attack vector in the Windows OS. There are multiple offensive tools in the wild that can execute code as “NT AUTHORITY\SYSTEM” (Meterpreter, CobaltStrike, Potato tools), and they all usually do so by duplicating tokens and manipulating services. This talk will show an evasive and undetected privilege escalation technique that abuses the Windows Filtering Platform (WFP). Additionally, the various components of the Windows Filtering Platform will be analyzed, including the Basic Filtering Engine, the TCPIP driver, and the IPSec protocol, while focusing on how to abuse them to extract valuable data.
As cyber threats continue to increase in volume and velocity, and emerging technologies like AI expand the threat landscape, a reactive approach to data security is no longer sufficient. Deep Instinct is the first and only data security company with a purpose-built Deep Learning framework built to protect a company’s most valuable asset, its data, by preventing known and unknown threats.
To learn more about how the Deep Instinct Predictive Prevention Platform can help your organization predict and prevent threats from infiltrating your organization, please visit www.deepinstinct.com.
About Deep Instinct
Deep Instinct takes a prevention-first approach to stopping ransomware and other malware using the world’s first and only purpose-built, deep learning cybersecurity framework. We predict and prevent known, unknown, and zero-day threats in <20 milliseconds, 750x faster than the fastest ransomware can encrypt. Deep Instinct has >99% zero-day accuracy and promises a <0.1% false positive rate. The Deep Instinct Predictive Prevention Platform is an essential addition to every security stack – providing complete, multi-layered protection against threats across hybrid environments. For more, visit www.deepinstinct.com.
Inkhouse for Deep Instinct