Concealed code execution: techniques and detection
Techniques for concealing code execution have become a favourite tool in Advanced Persistent Threat (APT) actors' arsenals because of the stealth they afford against conventional security mechanisms. Understanding how these techniques operate under the hood, and having access to open-source proof-of-concept implementations that reproduce the corresponding behaviour, supports detection engineering and aids incident response investigations.
What you get from this white paper:
- Discover the various techniques that abuse intricate aspects of the operating system to violate security assumptions and conceal code execution within a process.
- Understand the importance of staying up-to-date on evolving techniques and detection methods in the ever-changing landscape of code injection.
- Understand the need for a comprehensive approach to detecting and defending against code injection, combining static, runtime, and forensic techniques into robust security measures.