Detecting Novel WDAC Bypass Exploitation (Browser & Electron)
Part 10 of the WDAC detection-engineering series — detecting novel exploitation paths that bypass application control via browser memory corruption or signed Electron/Node shells, with a Sigma rule and exploit-process detection guidance.
1257 words
|
6 minutes
Detecting Catalog-Hygiene and Signing-Trust Abuse
Part 9 of the WDAC detection-engineering series — detecting abuse of Windows signature catalogs and previous-version signed script hosts to launder unsigned code past application control, with a Sigma rule and catalog-integrity monitoring guidance.
1138 words
|
6 minutes
Detecting Signed-Utility and Deserialization Abuse (InstallUtil / AddInUtil / runscripthelper)
Part 8 of the WDAC detection-engineering series — detecting signed Microsoft installers, helpers, and deserialising utilities repurposed to execute attacker code, with a Sigma rule and tuning guidance.
966 words
|
5 minutes
Detecting WSL-Family Abuse (bash / lxrun / wsl / wslconfig / wslhost)
Part 7 of the WDAC detection-engineering series — detecting Windows Subsystem for Linux binaries used to cross an application-control boundary, with a Sigma rule and WSL telemetry guidance.
954 words
|
5 minutes
Detecting UMCI Bypasses and PowerShell Constrained Language Mode Escapes
Part 6 of the WDAC detection-engineering series — detecting User-Mode Code Integrity (UMCI) bypasses and escapes from PowerShell Constrained Language Mode, with a Sigma rule and PowerShell event-log coverage.
1263 words
|
6 minutes
Detecting COM, XSL, and Script-Host Abuse (wmic /format, mshta, winrm.vbs)
Part 5 of the WDAC detection-engineering series — detecting WMIC XSL stylesheets, mshta, winrm.vbs, and COM XSL transformations used to execute attacker code from trusted interpreters, with a Sigma rule and script-engine lineage guidance.
1472 words
|
7 minutes
Detecting WDAC-as-Weapon — Catching EDR-Blinding Before the Sensor Goes Dark
Part 4 of the WDAC detection-engineering series — detecting attackers who weaponise WDAC policies to switch off EDR at boot, including malicious .cip writes, GPO policy deployment, and the heartbeat-absence "dark endpoint" detection.
1400 words
|
7 minutes
Detecting Compiler and REPL Host Abuse (msbuild / dotnet / csi / rcsi / fsi)
Part 3 of the WDAC detection-engineering series — detecting trusted developer compilers and REPL hosts repurposed to execute attacker code, with a Sigma rule and parentage tuning guidance.
1240 words
|
6 minutes
Detecting the Debugger-as-Injector (cdb / windbg / dbgsrv / WinDbgX)
Part 2 of the WDAC detection-engineering series — how to detect a Microsoft-signed debugger used to inject shellcode into a remote process, including a Sigma rule for script-driven injection and behavioural detection of thread-context manipulation.
1265 words
|
6 minutes
Detecting WDAC Bypass LOLBINs — A Baseline Image-Load Strategy
Part 1 of the WDAC detection-engineering series — a baseline strategy for catching application-control bypass LOLBINs with Sysmon image-load and process-create telemetry, with a ready-to-use Sigma rule.
1256 words
|
6 minutes
WDAC Bypass Techniques — The Complete Reference Catalog
An exhaustive, attributed catalogue of every publicly documented Windows Defender Application Control (Application Control for Business) bypass technique — LOLBINs, libraries, PowerShell/UMCI, COM/XSL, novel exploitation — plus the policy and testing tooling.
2255 words
|
11 minutes
A Field Guide to WDAC Bypass Techniques
A mechanism-grouped tour of the Windows Defender Application Control (Application Control for Business) bypass landscape — debuggers, compilers, signed utilities, COM/XSL, WSL, and novel exploitation — with pointers to the original research.
2019 words
|
10 minutes
System Hardening: A Practical Checklist and Best-Practices Guide
A category-by-category system hardening checklist for Windows and Linux — accounts, network, firewall, patching, services, logging, physical — mapped to CIS, NIST and STIG, plus the process and tooling to keep it maintained.
2254 words
|
11 minutes
DiffAttack: Breaking Through Diffusion-Based Adversarial Purification Defenses
How DiffAttack exposes vulnerabilities in diffusion-based adversarial purification, challenging the effectiveness of this popular defense approach.
2782 words
|
14 minutes
DeepTeam and promptmap2: Next-Gen LLM Red Teaming Frameworks
A deep dive into DeepTeam by Confident AI and promptmap2, two powerful open-source LLM red teaming frameworks for automated vulnerability scanning, jailbreak testing, and guardrail implementation.
864 words
|
4 minutes
Ensembles of Weak Defenses Are Not Strong: Lessons from Adversarial ML
Why combining multiple weak adversarial defenses does not produce a strong one, debunking a common misconception in AI security.
2934 words
|
15 minutes
SoK: Watermarking AI-Generated Content — IEEE S&P Distinguished Paper
A comprehensive systematization of knowledge on watermarking techniques for AI-generated content, winner of the IEEE S&P 2025 Distinguished Paper Award.
2987 words
|
15 minutes
AI Security Benchmarks and Evaluations: Measuring Model Robustness
An overview of AI security benchmarks and evaluation frameworks including ISC-Bench, JailbreakBench, AgentDojo, and AIRTBench for measuring the robustness and safety of AI systems.
821 words
|
4 minutes
TrustGen: Dynamic Benchmarking Platform for Trustworthy Generative AI
A comprehensive look at TrustGen, a dynamic benchmarking platform that evaluates the trustworthiness of generative foundation models across multiple dimensions.
2953 words
|
15 minutes
SoK: Attack and Defense Landscape of Agentic AI Systems — USENIX Security 2026
A comprehensive analysis of the Systematization of Knowledge paper from USENIX Security 2026 by Juhee Kim, Wenbo Guo, and Dawn Song, mapping the full attack and defense landscape of agentic AI systems — from prompt injection and tool poisoning to runtime sandboxing and guardrail architectures.
2731 words
|
14 minutes
AI Defense and Security Controls: Input/Output Guardrails and Model Scanning
A comprehensive guide to AI defense mechanisms including input/output guardrails (NeMo Guardrails, LlamaFirewall, llm-guard), model scanning tools (modelscan, picklescan), and AI-assisted defensive security solutions.
1070 words
|
5 minutes
MMDT: Decoding the Trustworthiness and Safety of Multimodal Foundation Models
A comprehensive benchmark for evaluating trustworthiness and safety across multimodal foundation models, revealing critical vulnerabilities.
3596 words
|
18 minutes
BIRD: Generalizable Backdoor Detection and Removal in Deep RL
How BIRD provides generalizable backdoor detection and removal for deep reinforcement learning systems.
3216 words
|
16 minutes
Adversarial Machine Learning: Attack Frameworks and Toolkits
A deep dive into adversarial machine learning attack frameworks including ART, cleverhans, TextAttack, and Counterfit for testing ML model robustness against evasion, poisoning, and extraction attacks.
1050 words
|
5 minutes