SafeBreach Experts Demoing New Security Tools, 0-Days at Black Hat and DEFCON 2021

SafeBreach Labs will be presenting two sessions at Black Hat and DEFCON 2021:

  • hAFL1: Our Journey of Fuzzing Hyper-V and Discovering a 0-Day
  • Our Journey Back To The Future Of Windows Vulnerabilities and the 0-days we brought back with us

Sunnyvale, California — July 20, 2021. SafeBreach, provider of the leading continuous security validation platform in large and global-scale enterprises to validate security controls, today announced its experts will again present novel insights and research discovering two critical 0-day vulnerabilities at the upcoming Black Hat USA and DEFCON 2021 conference in Las Vegas, Nevada. Among the premier cybersecurity events in the world, the annual conference convenes the most innovative and creative researchers and hackers to present new exploits, discuss trends and findings, and collaborate on pressing cybersecurity policy issues. This is the fourth consecutive year that SafeBreach researchers have presented findings.

Senior Security Researcher Peleg Hadar and Guardicore’s Security Researcher Ophir Harpaz will present “hAFL1: Our Journey of Fuzzing Hyper-V and Discovering a 0-Day“ on the Reverse Engineer and Cloud + Platform Security tracks on August 4 at 10:20 am PT at Black Hat. The talk will present hAFL1, a novel kAFL-based fuzzing infrastructure for Hyper-V devices, and demonstrate how hAFL1 was recently used to identify a critical 0-day in Hyper-V vmswitch - an arbitrary read vulnerability that, until only a few weeks ago, could take down big portions of Azure cloud infrastructure.

SafeBreach Labs director of security research Tomer Bar and security Researcher Eran Segal, will present “Our Journey Back To The Future Of Windows Vulnerabilities and the 0-days we brought back with us” on the Demo, Tool, and Exploit tracks on August 6 at 11:00am PT at DEFCON. The talk will present the results of a “time travel” experiment to go back to 2016 to search for patterns of Windows vulnerabilities since then and automatically classify those vulnerabilities to build a database of across all patch-diffs for that period. The researchers will show how they used the database to discover root causes of multiple classes of vulnerabilities to highlight opportunities for exploitation which led to the discovery of multiple additional unpatched exploits based on past exploits and root cause groupings. The team will then demonstrate the tools they created for this novel analysis and explain how other researchers can use them to more efficiently identify exploits by sifting through patterns illuminated through classification and grouped analysis of 0-days and vulnerabilities.

About SafeBreach

SafeBreach is the world’s most widely used continuous security validation platform in large and global scale enterprises. The patented SafeBreach platform empowers CISOs and their teams to validate security controls, maximize their effectiveness, and drive down risk. SafeBreach provides a "hacker’s view" of an enterprise’s security posture by continuously validating security controls. The platform presents findings in customized dashboards, enabling stakeholders to focus on the biggest risks to the organization. SafeBreach automatically and safely executes thousands of attack methods to validate network, endpoint, cloud, container and email security controls against its Hacker’s Playbook™, the world’s largest collection of attack data broken down by methods, tactics and threat actors. Data from SafeBreach validations can improve SOC team responses and empower management teams to make smarter decisions to better manage risk and invest resources. Headquartered in Sunnyvale, California, the company is funded by Sequoia Capital, Deutsche Telekom Capital Partners, OCV Partners, DNX Ventures, Hewlett Packard Pathfinder, PayPal and investor Shlomo Kramer. For more information, visit or follow us on LinkedIn.

Media Contact:

Corinna Krueger, VP Marketing, SafeBreach | 510-219-3634


  • 111 W Evelyn Ave
  • Sunnyvale, CA94086
  • USA
  • 408-743-5279

R&D Center

  • Yosef Karo St 18
  • Tel Aviv-Yafo,
  • Israel
  • +972-77-434-4506
© SafeBreach Inc. 2022