Andy Chuang

CHT Security Co., Ltd. / Senior Security Engineer

I am currently working in the MDR team of CHT Security's Monitoring Department, focusing on endpoint detection and threat monitoring. Although my primary role is on the blue team, I have a strong passion for red team operations and frequently use open-source BAS and red team tools for testing and validation, and I am dedicated to enhancing the information security defenses of enterprises.

SPEECH
4/15 (Tue.) 16:15 - 17:00 7F 701F Offensive Security Forum
Do you think having an EDR makes you secure? Explore how attackers bypass defense systems.

This session will delve into an emerging advanced technique designed to bypass Endpoint Detection and Response (EDR) systems. This technique enables attackers to conceal their malicious activities and evade EDR monitoring and detection by leveraging low-level Windows APIs and manipulating system call user-mode hooking mechanisms. By doing so, attackers can bypass traditional EDR defenses, evade file scanning, behavior monitoring, and other protective measures, while establishing persistent control.