Vectores de ataque en EDR

Abstract

This final degree work will be focused on the analysis of the most common vulnerabilities of the services that are usually used in a company. It will also explain how they are executed and what they consist of in order to understand how these companies are protected by EDRs (Endpoint Detection Response), the types of EDRs that exist and if they are really capable of detecting and stopping all malicious processes. The project is divided in the following way: first, the goal of an attacker will be explained and analyzed; then, I will show how to find the vulnerabilities in order to achieve this goal and its possible consequences. Once compromised and the privilege escalation is done on the unprotected host, the functionality of the EDR will be tested by attacking another host which will have the EDR installed. With the development of this TFG it is expected, mainly, to promote a general idea about the world of ethical hacking and the different vulnerabilities that can be exploited in the business environment. In parallel, the thesis also aims to emphasize the great importance of security in companies and web applications. Finally, it should be added that the difficulty in carrying out the work has resided especially in the search for information about the various concepts relating to cybersecurity and the study and research into vulnerabilities and their exploitation. However, it is worth mentioning the complementarity that the internship at "Telefónica Tech" has provided me, since the work consisted of providing our customers with protection systems for the company's equipment and infrastructure, better known as EDR , a concept that will also be developed throughout the thesis.