Application Shimming

Cybrary
Course
COMING SOON

Application shimming is a powerful feature that allows for software backward compatibility across different versions of Windows OS. Adversaries manipulate this feature to bypass User Account Control, disable Data Execution Prevention, and more. Get the skills to detect this behavior and prevent adversaries from setting up shop in your organization.

Difficulty
Intermediate
CEU/CPE
2
Share
NEED TO TRAIN YOUR TEAM? LEARN MORE
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Course Description

Backward compatibility across different operating system versions has enabled the market to get necessary upgrades accomplished without sacrificing functionality. It’s not difficult to imagine how many more endpoints could be running Windows XP if this feature didn’t exist. However, any feature that is present on massive numbers of endpoints at the core of the operating system is likely to be a strong target for adversary actions. This is exactly where we find Application Shimming today.

Get the hands-on skills you need to detect and mitigate this attack in Cybrary's MITRE ATT&CK Framework courses aligned to the tactics and techniques used by financially motivated threat group FIN7. Prevent adversaries from accomplishing the tactics of Privilege Escalation and Persistence in your environment now.

Provider
Cybrary
Certificate of Completion
Certificate Of Completion

Complete this entire course to earn a Application Shimming Certificate of Completion