SecTalks Perth 0x6D

Sectalks 0x6D

Please make sure to reach out if you want to Submit a talk, you can either;

Reach out to a Sectalks Organiser directly

New form coming soon (:tm:)

-----------------------

# 0 - Writing Windows Unit Tests: Telemetry bugs are security vulnerabilities too

With the introduction of Kernel Patch Protection, Microsoft created a shared responsibility model where security vendors are now limited to only the kernel visibility and extension points that Microsoft provides. This means that Microsoft is responsible for a) providing the necessary kernel telemetry, and b) servicing bugs in existing kernel telemetry.

So I wrote some Windows telemetry unit tests.

This talk will cover various bugs and other code smells in the security-relevant telemetry generated by Windows.

John Uhlmann (he/him) does Windows Endpoint Security R&D at a startup. He previously led R&D for the Windows EDR agent at Elastic and was a Technical Director at the Australian Cyber Security Centre.

# 1 - Bar?

After some chit chat from the talk, let's head to the bar downstairs, mingle, and chat (we still don't have a
better idea for a bar)