Gal Badishi (Cyvera Ltd., Cyber Defense Solutions)
Wednesday, 3.4.2013, 11:30
Recent attacks on high-value targets demonstrate how state-of-the-art
defenses fail to protect against APTs (Advanced Persistent Threats).
These victims spare no expense and appropriately deploy cutting-edge
defenses, such as firewalls, intrusion detection and prevention systems,
and anti-virus scanners, as well as novel approaches for detecting
zero-day exploits - yet these are ineffective at thwarting determined
In this talk we examine the unsatisfying state of attack-prevention
solutions, as well as demonstrate the ease of circumventing the
majority of defenses.
We move on to present a fresh security paradigm: extensive obstruction
of attacks, rather than an attempt to identify and detect malicious
behaviors and attack-related actions, often after the fact. By combining
methods such as traps in heap memory and DLL protection with
enhancements to solutions such as Data Execution Prevention (DEP) and Address
Space Layout Randomization (ASLR), we achieve nearly perfect
exploit-prevention rates, even for zero-day exploits.
Further, we’ll discuss the challenges in transforming these mitigation
techniques into a commercial-grade product with security modules that
can be applied generically to every process.
Gal Badishi is the Chief Scientist of Cyvera, a VC-backed startup
providing innovative cyber-defense solutions. Gal is a hands-on security
researcher, specializing in software vulnerabilities, exploitation
techniques, and exploit mitigation. He received his B.Sc. in Computer
Science from the Hebrew University in Jerusalem in 2000, and his Ph.D.
from the Department of Electrical Engineering at the Technion, Israel’s
Institute of Technology, in 2007. Gal has contributed to the Israeli Cyber
Intelligence community and acted as a consultant to the IDF’s Cyber