March 29, 2015

Although already a few months old, this little video from the folks at Offensive Security shows that often a system designed to protect the endpoints (like in this case a Symantec solution) becomes the actual entry point for a breach. We had similar experiences with other vendor security solutions.

This highlights the need of proper Penetration Testing rather than just Vulnerability Scanning. A vulnerability scanner only detects vulnerabilities already known, but can’t detect any not-known flaws. This is where the human Pentester thinking out of the box comes in.

Symantec Endpoint Protection Privilege Escalation 0day from Offensive Security on Vimeo.