Be the first to like this
Today centrally managed Anti-Virus (AV) solutions are used across all enterprises and are relied upon to provide central management, logging and enforcement. This talk presents the journey and the results of a reviewing the security posture of the core components of a few selected managed AV solutions, the central servers themselves. Critical security vulnerabilities will be presented, covering SQL Injection, Directory Path Traversal and Buffer Overflow. Particular focus will be given to the different steps required to fully compromise both central management servers and managed stations. Who does not want to transform a major managed AV into his private botnet within minutes?
Jerome Nokin works as a Security Consultant for Verizon Enterprise where he is a senior member of the Vulnerability Management Team mainly focusing on Penetration Tests and Web Application Assessment. Prior to his role at Verizon he worked in the area of security covering both consultancy and ICT.