Sangfor at Defcon 2021 PR

Sangfor Technologies is proud to announce their presentation – Don't Dare to Exploit - An Attack Surface Tour of SharePoint Server – at DEFCON 29 in Las Vegas on August 7, 2021, outlining several previously unknown SharePoint attack surfaces, mitigations to these attack surfaces, and how these mitigations can be bypassed. The exploits will be demonstrated during the 45-minute presentation.

The presentation, by Sangfor BlueOps members Yuhao Weng and Zhiniang Peng, with security researcher Steven Seeley, selected from thousands submitted to DEFCON, will explain the security architecture of Microsoft SharePoint's server and how it differs from other popular Content Management System (CMS) products. From an offensive perspective, it will reveal several attack surfaces, mitigations implemented against them, and how those mitigations can be bypassed. Several high impact vulnerabilities (including CVE-2021-24072, CVE-2020-17120, and CVE-2020-17017) will be discussed detailing their discovery and exploitation.

SharePoint is the most well-known CMS used to share and manage content within organizations simplifying team collaboration. Zero-day vulnerabilities are exploited by cyber attackers to gain administrative access to networks for data theft or further infiltration and infection of the network.

DEFCON is the largest gathering of hackers from around the world, held annually in Las Vegas, Nevada, and is attended by the world's top security professionals, journalists, researchers, students, law enforcement – and yes, hackers.

Sangfor BlueOps Team 

Sangfor BlueOps, Sangfor's highly skilled defensive security testing or blue team, works to improve attack detection and defense strategies for all Sangfor's security solutions. Experienced security teams are the rock-stars of the cyber security world, keeping up with a constant flow of new cyber threats and vulnerabilities. Sangfor's BlueOps team is responsible for ensuring enterprises have the tools they need to respond effectively, identify threats quickly, and keep their software and users safe and productive.

About Sangfor Technologies

Sangfor is a leading global vendor of IT infrastructure and security solutions specializing in Cyber Security and Cloud Computing.

For more information on Sangfor's presentation, or on Sangfor's suite of security solutions such as NGFW & NDR, visit our website or social media pages.

Enjoy FREE use of the VMware ESXi version of Sangfor's Next Generation Application Firewall with free Virtual Public Network and Endpoint Secure endpoint protection, the total solution for a secure network with remote workers. Apply now.

Media Contact

Sunny Sun
Tel: +86 755-8656 0605


Listen To This Post


Get in Touch

Get in Touch with Sangfor Team for Business Inquiry

Related Articles

Press Release

Gartner Hype Cycle for ICT in China 2022. Sangfor Recognized as a Sample Vendor.

Date : 10 Aug 2022
Read Now

Press Release

2022 Gartner Hype Cycle for Workload and Network Security . Sangfor named as a Sample Vendor.

Date : 04 Aug 2022
Read Now

Press Release

Sangfor Ranked the World’s 4th Largest NDR Vendor by Revenue in 2021 Gartner® Market Share Report

Date : 29 Jun 2022
Read Now

See Other Product

Cyber Command - NDR Platform
Endpoint Secure
Internet Access Gateway (IAG)
NGAF - Next Generation Firewall (NGFW)
SASE Access
icon notification