Anatomy and Defense of LOTL Fileless Intrusions
Amol Sarwate
BSidesSF 2026 · Day 1 · AMC Theatre 13
This technical article covers **Living Off The Land (LOTL)** and **fileless intrusions**, a pervasive and increasingly dominant class of threats in cybersecurity. Presented by Amol Sarwate, Head of Cohesity Red Lab and Director of Security Research, the talk dissects the anatomy of such attacks, offering critical insights into their exploitation methods, real-world examples, and effective defense strategies. Sarwate's team at Red Labs specializes in detonating and studying live malware, which gives this presentation a foundation of practical, empirical knowledge.
AI review
Competent LOTL survey built on four real malware samples — solid practitioner content that earns its place at BSides SF. Nothing here is novel for anyone already working in detection engineering or threat research, but the case-study structure gives it more backbone than the average 'LOLBins are bad' overview talk.