About Show #359
Richard chats with Microsoft PFE Kurt Falde about the Enhanced Mitigation Experience Toolkit (EMET). It might be a weak name, but it's an amazing set of tools - a whole different way of defending a workstation from malware exploits. Kurt dives into how EMET can lock down PCs in a standardized way, including controlling specific SSL certificates for key web sites. But the bulk of the focus of EMET is on protecting software from changes by malware. Rather than using fingerprint matching the way typical anti-virus software works, EMET tracks known-good states of common software and stops changes to them from happening - an effective strategy for zero-day exploits!