Since his first InfoSec talk given at DerbyCon 3, Matt has made a reputation for himself demonstrating how otherwise trusted software and technology can be abused by attackers – referred to as the "living off the land" methodology. As a former malware reverse engineer, Matt has seen the extent to which attackers succeed in executing code that has no business being trusted. As such, despite regularly finding bypasses, Matt is a zealous supporter of application whitelisting as a means of preventing a majority of attacks (both opportunistic and targeted), enabling defenders to focus their detections on more capable adversaries who manage to slip silently through the cracks. Matt is very much fascinated by the concept of trust, what it means to people, and how assumptions of trust can be subverted.
Appearing at: