Steve Hearnden

With over 20 years of experience in the Anti-Virus Industry, Steve has been a key architect for change in gateway, desktop, and scanning technologies. Currently working in the kernel development team, Steve helps support the touch points between the scanning and protection technologies and the Windows operating system.

More from Steve Hearnden

McAfee Labs

In NTDLL I Trust – Process Reimaging and Endpoint Security Solution Bypass

Process Reimaging Overview: The Windows Operating System has inconsistencies in how it determines process image FILE_OBJECT locations, which impacts the ability of non-EDR (Endpoint Detection and Response) Endpoint Security Solutions (such as Microsoft Defender Realtime Protection) to detect the correct binaries loaded in malicious processes. This inconsistency has led McAfee’s Advanced Threat ...