Windows 10 Mitigation Improvements

by Matt Miller, David Weston
Sept. 17, 2017 1 comment belen_caty Apps & Hardening

In this presentation, we'll share more details on how this analysis is performed at Microsoft, how it has helped drive improvements, and how we have measured the success of those improvements. This presentation will also describe Microsoft's unique proactive approach to software security assurance which embraces offensive security research and extends traditional "red team" operations into the software security world. This approach replaces traditional software security design and implementation reviews with a true end-to-end simulation of attacks in the wild by spanning vulnerability discovery, exploit development, and mitigation bypass identification. This approach enables Microsoft to concretely evaluate the effectiveness of mitigations, identify gaps in protection, and provide concrete metrics on the cost and resources required to develop an exploit in a given scenario.

Steven Ulm 8 months ago

Your analysis is simply great! Well-researched, clearly explained and with a lot of undeniable arguments! It was a pleasure reading it!