Overview
This Black Hat conference talk explores novel, open-source techniques that leverage existing Windows OS capabilities to detect and alert on attackers without deploying additional agents. Learn how to counter "living-off-the-land" attack techniques by using the operating system's built-in defensive capabilities rather than relying solely on vendor products like EDR, IPS, and XDR. Presenters Jacob Torrey and Marco Slaviero demonstrate nine capabilities from a spectrum of options to improve endpoint instrumentation and defense using only in-built OS features. Discover how to strengthen your security posture by utilizing what's already available in your Windows environment instead of adding more third-party agents and appliances.
Syllabus
Defending off the land: Agentless defenses available today
Taught by
Black Hat