4/16 (Wed.) 16:15 - 16:45 7F 703

The Art of EDR Detection: Strengthening Detection Capabilities Through Evasion Techniques

As enterprises increasingly prioritize cybersecurity, Endpoint Detection and Response (EDR) has become a critical defense tool. However, as adversaries continuously refine their tactics, the arms race between blue teams and red teams grows ever more intense. In this ongoing battle, every improvement in detection is met with new evasion techniques, driving a continuous cycle of adaptation and escalation.

In this session, we will explore the evolution of EDR detection strategies in recent years and analyze how attackers leverage obfuscation techniques to conceal malicious activities, abuse Windows Subsystem for Linux (WSL) to bypass traditional security solutions, and exploit the Windows Filtering Platform (WFP), as seen in EDRSilencer, to manipulate EDR operations. Through real-world case studies, we will examine the challenges these techniques pose to EDR detection and discuss how blue teams can develop proactive defense strategies, shifting from reactive detection to active deception so that EDR remains a step ahead in the ever-evolving threat landscape.

LiYu
SPEAKER
TeamT5 Inc.
Project Manager
Zeze
SPEAKER
TeamT5
Research Engineer

TOPIC / TRACK
Offensive Security Forum

LOCATION
Taipei Nangang Exhibition Center, Hall 2
7F 703

LEVEL
General: General sessions explore new cybersecurity knowledge and non-technical topics, ideal for those with limited or no prior cybersecurity knowledge.

SESSION TYPE
Breakout Session

LANGUAGE
Chinese

SUBTOPIC
Windows
Endpoint Detection & Response