There is very little salient information about Windows kernel auditing and kernel exploitation techniques. This is probably due to the nature of the security industry these days. Bugs are getting harder to find, so techniques tend to be closely held. There have been some "primer" presentations on windows kernel security ("Attacking the Windows Kernel" NGSSoftware, etc) and some very specific kernel exploitation presentations on specific bugs. This presentation is more on "lessons learned" while developing kernel security auditing tools for the Windows kernel.