Uploaded bybsidesaugusta
743 views

EMET

EMET (Enhanced Mitigation Experience Toolkit) is a free Microsoft tool that provides additional security for applications like MS Office, Acrobat, Flash, and Java by enabling exploit mitigation techniques like ASLR, DEP, and SEHOP. While EMET strengthens security, it does not prevent all exploits and its management and deployment require planning. Questions about EMET and Microsoft's strategy are answered on their security blogs and technical library pages.

Embed presentation

Employing EMET for Application Security
GCIA, GCIH, GSEC, CCNA, CISSP @dacoursey
EMET
MS Office Acrobat Flash Java
DEP ASLR SEHOP etc…
Progress Report ASLR DEP
What is it?
But what about…
What does it NOT do?
Deployment
Management
Microsoft’s Strategy
Questions?
http://blogs.technet.com/b/srd/archive/2010/12/08/on-the-effectiveness-of-dep-and-aslr.aspx?Redirected=true https://blogs.technet.com/b/srd/archive/2009/02/02/preventing-the-exploitation-of-seh-overwrites-with-sehop.aspx?Redirected=true https://blogs.technet.com/b/security/archive/2012/08/08/microsoft-s-free-security-tools-enhanced-mitigation-experience-toolkit.aspx?Redirected=true http://technet.microsoft.com/en-us/library/dd837644(v=ws.10).aspx

More Related Content

RTF
Useful links
byNeelakanta Valmiki
 
PDF
Asp.net Tutorial
byGuru99
 
PPTX
La protection sociale
byGlen Le Serre
 
PDF
Apport de la simulation sur maquette adaptative à la démarche de conception d...
byBenoit LANGARD - PhD
 
PPTX
Badanie poszkodowanego na miejscu zdarzenia
byAleksandra Placek
 
PDF
AIBA -Doha 2015 Branding
bySujid Rehman
 
PDF
OPAD EAST AFRICA PROFILE
byDon Mike
 
PPTX
Bolivia presentation (espanol)
byEdmundo Garron
 
Useful links
byNeelakanta Valmiki
 
Asp.net Tutorial
byGuru99
 
La protection sociale
byGlen Le Serre
 
Apport de la simulation sur maquette adaptative à la démarche de conception d...
byBenoit LANGARD - PhD
 
Badanie poszkodowanego na miejscu zdarzenia
byAleksandra Placek
 
AIBA -Doha 2015 Branding
bySujid Rehman
 
OPAD EAST AFRICA PROFILE
byDon Mike
 
Bolivia presentation (espanol)
byEdmundo Garron
 

Viewers also liked

PPTX
Detecting Hacks: Anomaly Detection on Networking Data
byDataWorks Summit
 
PPTX
Eyeing the Onion
bybsidesaugusta
 
PPTX
Sabar
byryanrachmad
 
PPTX
Traffic anomaly detection and attack
byQrator Labs
 
DOCX
Program Tahunan Bhs Inggris Kls XII SMA
byNila Suyanti
 
PPT
Pintar Peribahasa 2
byCikgu Ros
 
PDF
Curso de clarinete - Enelruy Lira
byPartitura de Banda
 
PDF
Pout pourrit Sertanejo
byPartitura de Banda
 
DOCX
ALANA Experience 2015 Case Study
byNicole K. Wong
 
PPTX
Cisco OpenSOC
byJames Sirota
 
Detecting Hacks: Anomaly Detection on Networking Data
byDataWorks Summit
 
Eyeing the Onion
bybsidesaugusta
 
Sabar
byryanrachmad
 
Traffic anomaly detection and attack
byQrator Labs
 
Program Tahunan Bhs Inggris Kls XII SMA
byNila Suyanti
 
Pintar Peribahasa 2
byCikgu Ros
 
Curso de clarinete - Enelruy Lira
byPartitura de Banda
 
Pout pourrit Sertanejo
byPartitura de Banda
 
ALANA Experience 2015 Case Study
byNicole K. Wong
 
Cisco OpenSOC
byJames Sirota
 

Recently uploaded

PDF
How to Buy Verified Payoneer Accounts for Seamless International ...
bymarkkinde3
 
PDF
Js jony - How to Get a Verified Gmail Account Quickly and Safely.pdf
byLos Angeles
 
PDF
7 Best Value Platforms for Verified Stripe Accounts in 2026_27.pdf
byhttps://usashopsell.com/product/buy-verified-paypal-accounts/
 
PDF
Dimi v Rimi Part I Continuous Design.pdf
byBrij Consulting, LLC
 
DOCX
Reliable Places to Buying Old Gmail Accounts .docx
byhttps://propvaservice.com/product/buy-old-gmail-accounts/
 
PDF
Buy Old Gmail accounts 2025 — Guide & Risks to know.pdf
byhttps://propvaservice.com/product/buy-old-gmail-accounts/
 
PDF
5 Easy Ways to Understand Buying Old Gmail Accounts Smartly in 2026.pdf
byBuy Verified PayPal Accounts
 
PDF
AML-CFT-CPF-Guidelines-for-Foreign-Exchange-Bureaus-2025-1.pdf
byKweku Zurek
 
DOCX
Buy Gmail Accounts_ Step-by-Step Guide for 2025
bybuy old gmail accounts
 
PDF
Fruit Production Farming and Exporting Business Plan in Bahir Dar Town, Amhar...
byReyan Business Consultancy
 
PDF
Buy Old Gmail Accounts for All Countries Supported.pdf
byPVAISBACK.COM--Digital Marketing Self-Employed Consultant
 
PDF
How to Buy Verified Payoneer Accounts for Global Freelance Payments
byjames wode
 
PDF
Buy TikTok Seller Account in 2025_ What the Term Really ....pdf
byzgaptxdary3819la63qg
 
PDF
Introduction to 4 Place for Buying Old Gmail Accounts.pdf
byhttps://topsellerit.com/product/buy-verified-paypal-accounts/
 
PDF
Where to Buying Old Gmail Accounts with Real Age and Trusted Understanding (1...
byhttps://propvaservice.com/product/buy-old-gmail-accounts/
 
PDF
ttttttttttttttttttttttttttttttttttttttttttttttttttttt
byryof
 
PDF
Instant Access to Naver Accounts_ Buy Securely Now.pdf
bybuyverifiedpaypalaccounts
 
PPTX
SECURITY IN THE CONTEMPORARY WORLD PPT.pptx
bybatman2026again
 
PDF
10 Best Ways to Buy Verified Wise Accounts in the US, UK, & All Countries Sup...
byPVAISBACK.COM--Digital Marketing Self-Employed Consultant
 
PDF
Management Times by Jawaharlal Business School, Lakkidi, Palakkad
byPaul Mathew
 
How to Buy Verified Payoneer Accounts for Seamless International ...
bymarkkinde3
 
Js jony - How to Get a Verified Gmail Account Quickly and Safely.pdf
byLos Angeles
 
7 Best Value Platforms for Verified Stripe Accounts in 2026_27.pdf
byhttps://usashopsell.com/product/buy-verified-paypal-accounts/
 
Dimi v Rimi Part I Continuous Design.pdf
byBrij Consulting, LLC
 
Reliable Places to Buying Old Gmail Accounts .docx
byhttps://propvaservice.com/product/buy-old-gmail-accounts/
 
Buy Old Gmail accounts 2025 — Guide & Risks to know.pdf
byhttps://propvaservice.com/product/buy-old-gmail-accounts/
 
5 Easy Ways to Understand Buying Old Gmail Accounts Smartly in 2026.pdf
byBuy Verified PayPal Accounts
 
AML-CFT-CPF-Guidelines-for-Foreign-Exchange-Bureaus-2025-1.pdf
byKweku Zurek
 
Buy Gmail Accounts_ Step-by-Step Guide for 2025
bybuy old gmail accounts
 
Fruit Production Farming and Exporting Business Plan in Bahir Dar Town, Amhar...
byReyan Business Consultancy
 
Buy Old Gmail Accounts for All Countries Supported.pdf
byPVAISBACK.COM--Digital Marketing Self-Employed Consultant
 
How to Buy Verified Payoneer Accounts for Global Freelance Payments
byjames wode
 
Buy TikTok Seller Account in 2025_ What the Term Really ....pdf
byzgaptxdary3819la63qg
 
Introduction to 4 Place for Buying Old Gmail Accounts.pdf
byhttps://topsellerit.com/product/buy-verified-paypal-accounts/
 
Where to Buying Old Gmail Accounts with Real Age and Trusted Understanding (1...
byhttps://propvaservice.com/product/buy-old-gmail-accounts/
 
ttttttttttttttttttttttttttttttttttttttttttttttttttttt
byryof
 
Instant Access to Naver Accounts_ Buy Securely Now.pdf
bybuyverifiedpaypalaccounts
 
SECURITY IN THE CONTEMPORARY WORLD PPT.pptx
bybatman2026again
 
10 Best Ways to Buy Verified Wise Accounts in the US, UK, & All Countries Sup...
byPVAISBACK.COM--Digital Marketing Self-Employed Consultant
 
Management Times by Jawaharlal Business School, Lakkidi, Palakkad
byPaul Mathew
 

EMET

Editor's Notes

  • #3 Prior-service Army, Pre-WarBoth Private Sector and Defense experience
  • #5 Man has used firewalls to protect our assets (our flock)Worked very well for a long time – only security strategyFlaming brick wall, good to goFirewalls became more advanced, so did attacksEvading firewall, going for weaker members of the flock
  • #6 These days difficult to protect the flockIt can be so difficult, in part sheep don’t protect themselves
  • #7 So what have we done?
  • #8 Building fences to corral the sheep Intended boundaries – sheep don’t knowThis worked pretty wellThen what happened?
  • #9 The pentesters come inAs soon as ASLR created, bypass naturally followed
  • #10 Security Development Lifecycle Progress Report2004 – 2010 41 consumer apps, millions of usersDEP without ASLRLine-of-business apps
  • #11 Two Drop Down listsSo what’s better than a fence?
  • #12 Sheepdog
  • #13 Version 4.0 released June 2013Version 1.0 released Oct 2009Both servers and workstationsFree utility from MS .net 4.0 – No other dependenciesNo signatures or updatingNo whitelist or blacklistNo guessingJust good programmingPart of Windows 8 STIG
  • #14 Blacklisting is deadHBSS can’t provide good defaults
  • #15 So let’s go through an EMET installation
  • #16 One choice to makeService is installed and running, launch client
  • #17 This is GUIBottom is the list of running processes
  • #20 Sheepdog
  • #21 Calls to external binary files go through the Import Address TableWorks for both static and dynamically linked dllRedirects call to windows to Shim addressWhat all this means – you don’t talk to Windows without EMET
  • #22 All happen simultaneously
  • #23 14 Default Trusted Roots – Necessary?
  • #24 Sheepdog
  • #25 Sheepdog
  • #26 Some code so bad
  • #27 Sheepdog
  • #28 Whatever you’re using now
  • #29 GPO or script through CLISupport with existing contract
  • #30 Jonathan Ness from MSSupport with valid Support Contract or through forum