BoF: How Open Source Project Xen Puts Security Software Vendors Ahead of Emerging Threats
This presentation covers a real-world case study of Bitdefender Hypervisor Introspection (HVI) that is based on Xen Project software. On April 14th, The Shadow Brokers released the Eternalblue exploit …
| Talk Title | BoF: How Open Source Project Xen Puts Security Software Vendors Ahead of Emerging Threats |
| Speakers | Mihai Donțu (Engineering Manager, Bitdefender), Andrei Florescu (Senior Solutions Architect, Bitdefender) |
| Conference | Open Source Summit Europe |
| Conf Tag | |
| Location | Prague, Czech Republic |
| Date | Oct 21-27, 2017 |
| URL | Talk Page |
| Slides | Talk Slides |
| Video | |
This presentation covers a real-world case study of Bitdefender Hypervisor Introspection (HVI) that is based on Xen Project software. On April 14th, The Shadow Brokers released the Eternalblue exploit toolkit, which exploited an SMBv1 vulnerability across a wide range of Windows operating systems. The exploit was most famously used as a propagation mechanism for the WannaCryransomware. HVI prevented exploitation attempts with no prior knowledge of the exploit or underlying vulnerability. This talk will cover the exploit mechanism, how HVI detects its actions, and illustrate some of the advantages of HVI built through open source collaboration. Audience members will takeaway a better understanding of this type of exploit and how something like hypervisor introspection and security through a hypervisor approach can help companies avoid these types of new exploits.
