Master Of Puppets: How To Tamper The EDR?

BSides Munich · 2022 · 29:31 · 985 views · Published 2022-05
Tags
Category: Technical
Team: Red
Style: Talk
About this talk
Despite admin privileges, an EDR product on Windows can be very annoying from a red team perspective. Therefore we search for ways to disable the EDR without relying on an uninstall password, Windows Security Center, etc.

Speaker: Daniel Feichter

Daniel Feichter has worked for a few years as a red teamer and penetration tester in Austria. His focus is on Windows environment red teaming, pentesting and research. Among other things, he is intensively engaged with AV/EDR systems under Windows OS. At the end of 2021 he decided to start his own company, called Infosec Tirol (https://www.infosec.tirol), with which he focuses on product-independent offensive security services to improve IT security in companies in Austria.