IT Security Horrors That Keep You Up at Night
|
|
- Kristin Rodgers
- 5 years ago
- Views:
Transcription
1 IT Security Horrors That Keep You Up at Night and How to Stop Them! Brian Johnson 7 Minute Security Jeff Melnick Systems Engineer
2 Agenda Introductions My epic breach response fail (a tale of tears and fears) IT security horrors that keep you up at night and how to stop em! Prize Drawing
3 Who s this guy? Security engineer for 7 Minute Security Podcaster Not famous Jumpy hunter
4 My First Breach Response A Tale of Tears and Fears
5
6
7 Application log
8 System log
9 Security log
10 Firewall log
11 Which made me feel like
12 If that wasn t bad enough Spotty AV deployment Cringe-worthy patching No logging of anything Weak password policy
13 Verdict: burn and rebuild
14 Let us not suffer the same fate!
15 Chucky VS Andy
16 Lets defend Child s Play Inc.!
17 Chucky s attack playbook Phish Andy Abuse bad domain passwords Abuse bad local admin passwords Responder attack SMB signing attack
18 Subject: Pictures of Tiffany!
19 Deleted!
20 Subject: Chucky lives!
21 Subject: Chucky lives!
22 Subject: Chucky lives!
23 Abusing weak passwords 1. Try Winter2017! for all domain users 2. Wait a while Winter2017 Spring2018 Summer2018 Password1 P@ssword Try another weak password 4. Repeat steps 1-3 as necessary
24
25 How do we fix bad passwords? Up the minimum to 15? 20? 30?
26 Fixing bad passwords (per Microsoft) 8+ characters (longer not always better i.e. WinterWinter2017) Educate users to use unique passwords per account Turn on MFA everywhere you can Ban bad passwords (whaaa? How?)
27 Setting your Active Directory password Andy Hi, I d like to change my password to Winter2017! Domain controller Sure one sec, let me check the password requirements!
28 Setting your Active Directory password Andy Domain controller That works thanks much!
29 Banning bad passwords: 3 options 1. CredDefense 2. Pwned Passwords DLL 3. SafePass.me
30 Option 1: CredDefense A suite of tools to help you boost your network defenses! My favorite feature? A better password filter!
31 Setting your Active Directory password + Andy Hi, I d like to change my password to Winter2017! Domain controller Sure one sec, let me check the password requirements!
32 Setting your Active Directory password Andy Domain controller Ok. Let me query CredDefense s bad passwords list +
33 Setting your Active Directory password + Andy Domain controller No can do! This password is on the naughty list!
34 Option 2: PwnedPasswords
35 Option 2: PwnedPasswords Pros: Open source Cons: Requires Visual Studio tinkering
36 Setting your Active Directory password + Andy Hi, I d like to change my password to Winter2017! Domain controller Sure one sec, let me check the password requirements!
37 Setting your Active Directory password + Andy Domain controller Ok. Let me query the Pwned Passwords list
38 Setting your Active Directory password + Andy Domain controller Sorry! Try again!
39 Option 2: PwnedPasswords making custom lists
40 Option 2: PwnedPasswords A word of warning:
41 Option 2: PwnedPasswords Some real world PwnedPasswords stats Company with 11k users: Passwords cracked: 6,000 Passwords in PwnedPasswords database: 1,500 25% of cracked passwords were already pwned!
42 Option 3: SafePass.me Pros: Single ~500mb download in MSI format Easy to install Cons: ~$700 USD Closed source ( What s it doing? )
43 Chucky s attack playbook Phish Andy worked! Abuse bad domain passwords worked! Abuse bad local admin passwords Responder attack SMB signing attack
44 Abusing bad local admin passwords Often the same password across many/all machines!
45 Abusing bad local admin passwords
46 Abusing bad local admin passwords Nica s PC File server ihatechucky server Andy s PC Database server App server
47 LAPS (Local Administrator Password Solution) Free (!) from Microsoft Creates strong/random Administrator password per machine Creds are stored securely in Active Directory
48 LAPS (Local Administrator Password Solution) Requirements: A few GPOs to push LAPS install A workstation to manage LAPS from
49 LAPS (Local Administrator Password Solution)
50 LAPS (Local Administrator Password Solution)
51 Lateral movement? NOPE! File server Nope! ihatechucky Nica s PC Nope! server Nope! Andy s PC Nope! Database server Nope! App server Nope!
52 Full LAPS install write-up
53 Chucky s attack playbook Phish Andy worked! Abuse bad domain passwords worked! Abuse bad local admin passwords worked! Responder attack SMB signing attack
54 Responder attack
55 Responder attack
56 Responder attacks Andy s PC Hey, do you know CP-SRVV01? Sorry, no. DNS server Anybody else? (NBT-NS & LLMNR broadcast) Yes! That s me! Send credentials! You got it! Here it comes! EhhehaeehaheAHAHAHEHAHAOHOAHA!!! Chucky
57
58 Defending against Responder
59 Defending against Responder Careful! Stuff can break!
60 Defending against Responder Comes armed with. ResponderGuard!
61 Defending against Responder
62 Defending against Responder
63 Defending against Responder
64 Chucky s attack playbook Phish Andy worked! Abuse bad domain passwords worked! Abuse bad local admin passwords worked! Responder attack worked! SMB signing attack
65 Abusing SMB signing SMB (Server Message Block) is the file protocol commonly used by Windows Used for client/server file sharing SMB is unsigned in many networks (maybe yours?)
66 Abusing SMB signing
67 Abusing SMB signing
68 Abusing SMB signing
69 Abusing SMB signing Powershell Empire + Responder + Ntlmrelay + DeathStar = FUN!
70 Abusing SMB signing Wait for it
71 Chucky s attack playbook Phish Andy worked! Abuse bad domain passwords worked! Abuse bad local admin passwords worked! Responder attack worked! SMB signing attack worked! Chucky wins! What else could we do to catch him?
72 One more thing: stop Chucky with WEFFLES! WEFFLES (Windows Event Logging Forensic Logging Enhancement Services) Not this!
73 Collecting logs with WEFFLES Nica s PC File server WEFFLES server server Andy s PC Database server App server
74 WEFFLES Event 1102: Somebody cleared the security log!
75 WEFFLES Event 4720: New user accounts created
76 WEFFLES
77 Recap Use good passwords on domain and local accounts CredDefense / PwnedPasswords / LAPS can help! Respond to Responder attacks Turn on SMB signing Not collecting logs? Start free w/weffles! Scan and patch all your network things!
78 NETWRIX AUDITOR Identify, Classify and Secure Sensitive Data
79 About Netwrix Auditor Netwrix Auditor A visibility platform for user behavior analysis and risk mitigation that enables control over changes, configurations and access in hybrid IT environments. It provides security intelligence to identify security holes, detect anomalies in user behavior and investigate threat patterns in time to prevent real damage.
80 Netwrix Auditor Unified Platform Netwrix Auditor Platform Netwrix Auditor for Active Directory Netwrix Auditor for Azure AD Netwrix Auditor for Exchange Netwrix Auditor for Office 365 Netwrix Auditor for Windows Server Netwrix Auditor for Windows File Servers Netwrix Auditor for EMC Netwrix Auditor for NetApp Netwrix Auditor for SharePoint Netwrix Auditor for Network Devices Netwrix Auditor for Oracle Database Netwrix Auditor for SQL Server Netwrix Auditor for VMware
81 INTRODUCING NETWRIX AUDITOR 9.7 Detect and Block Attacks on Your Network Devices Thursday, November 11AM PT / 2 PM ET
82 PRODUCT DEMONSTRATION
83 Next Steps Free trial: Set up Netwrix Auditor in your own test environment netwrix.com/auditor9.7 Virtual appliance: Get Netwrix Auditor up and running in minutes netwrix.com/go/appliance In-browser demo: Run a demo right in your browser with no need to install anything netwrix.com/go/browser_demo Upcoming and on-demand webinars : Join upcoming webinars or watch recorded ones netwrix.com/webinars netwrix.com/webinars#featured
84 Questions?
85 Thank (podcast)
4 Ways Your Organization Can Be Hacked
Behind the Scenes 4 Ways Your Organization Can Be Hacked Brian Johnson President, 7 Minute Security Jeff Melnick Netwrix, Systems Engineer Agenda Quick introductions The ways your organization can be hacked
More informationWhat s New in Netwrix Auditor 9.7
What s New in Netwrix Auditor 9.7 Jeff Melnick Manager, Pre-Sales Engineering Jeff.Melnick@netwrix.com Agenda What s New in Netwrix Auditor 9.7 Briefly About Netwrix Auditor Q&A Prize Drawing INTRODUCING
More informationThe 3 Pillars of SharePoint Security
The 3 Pillars of SharePoint Security Liam Cleary CEO/Owner SharePlicity Jeff Melnick Systems Engineer Netwrix Corporation AGENDA The Problem Attack Vectors Intranet, Extranet and Public Facing Proactive
More informationNetwrix Auditor. Visibility platform for user behavior analysis and risk mitigation. Mason Takacs Systems Engineer
Netwrix Auditor Visibility platform for user behavior analysis and risk mitigation Mason Takacs Systems Engineer Agenda Product Overview Product Demonstration Q&A About Netwrix Auditor Netwrix Auditor
More informationMonitoring Active Directory: Both Azure AD and On-Premise AD and How Synchronization and Federation Play In
Monitoring Active Directory: Both Azure AD and On-Premise AD and How Synchronization and Federation Play In Sponsored by 2016 Monterey Technology Group Inc. Thanks to Made possible by Preview of key points
More informationWhat s New in Netwrix Auditor 8.0. PRESENTER: Jeff Melnick Manager of Sales Engineering x 971
What s New in Netwrix Auditor 8.0 PRESENTER: Jeff Melnick Manager of Sales Engineering Jeff.Melnick@netwrix.com 888-638-9749 x 971 How to Ask Questions 1. Type your question here 2. Click Send Agenda What
More informationWhat s New in Netwrix Auditor 9.5
What s New in Netwrix Auditor 9.5 Presenter: Jeff Melnick Systems Engineer Jeff.Melnick@netwrix.com Housekeeping All attendees are on mute Ask your questions! Questions will be answered during the session
More informationHacker Explains Privilege Escalation: How Hackers Get Elevated Permissions
Hacker Explains Privilege Escalation: How Hackers Get Elevated Permissions Liam Cleary Solution Architect Protiviti Jeff Melnick Systems Engineer Netwrix Corporation Agenda Elevation Escalation Prevention
More informationTop Critical Changes to Audit
Top Critical Changes to Audit in Microsoft SharePoint PRESENTER: Roy Lopez Systems Engineer Roy.Lopez@netwrix.com 1.201.490.8840 x2833 How to Ask Questions 1. Type your question here 2. Click Send Agenda
More informationNetwrix Auditor. Know Your Data. Protect What Matters. Roy Lopez Solutions Engineer
Netwrix Auditor Know Your Data. Protect What Matters. Roy Lopez Solutions Engineer Agenda Company overview Briefly about Netwrix Auditor Netwrix Auditor Data Discovery and Classification Edition Product
More informationProduct Overview. Netwrix Auditor. Presenter: Jeff Melnick Manager of Sales Engineering x 971
Product Overview Netwrix Auditor Presenter: Jeff Melnick Manager of Sales Engineering Jeff.Melnick@netwrix.com 888-638-9749 x 971 About Netwrix Corporation Year of foundation: 2006 Headquarters location:
More informationWithstanding Ransomware Attack: A Step-by-Step Guide Presenter:
Withstanding Ransomware Attack: A Step-by-Step Guide Presenter: Jeff Melnick Manager of Sales Engineering Jeff.Melnick@netwrix.com 888-638-9749 x 971 How to Ask Questions Type your question here Click
More informationTop 5 NetApp Filer Incidents You Need Visibility Into
Top 5 NetApp Filer Incidents You Need Visibility Into www.netwrix.com Toll-free: 888-638-9749 Table of Contents #1: Failed NetApp Filer Activity #2: Activity Involving Potentially Harmful Files #3: Anomalous
More informationTop 5 Oracle Database Incidents You Need Visibility Into
Top 5 Oracle Database Incidents You Need Visibility Into www.netwrix.com Toll-free: 888-638-9749 Table of Contents #1: Table and Record Deletions #2: Role and Privilege Escalation #3: Failed Activity by
More informationTop 7 Questions to Assess Data Security in the Enterprise
Top 7 Questions to Assess Data Security in the Enterprise Presenters: Nick Cavalancia Techvangelism Jeff Melnick Manager, Sales Engineering Jeff.Melnick@netwrix.com 888-638-9749 x 971 Agenda Security Breaches
More informationWhat the GDPR is and how to deal with it. Russell McDermott Sales Engineer +44 (0) x 2208
What the GDPR is and how to deal with it Russell McDermott Sales Engineer Russell.Mcdermott@netwrix.com +44 (0) 203 588 3023 x 2208 How to Ask Questions Type your question here Click Send Agenda What the
More informationOutsmarting Ransomware: Hints and Tricks. Netwrix Corporation Adam Stetson System Engineer
Outsmarting Ransomware: Hints and Tricks Netwrix Corporation Adam Stetson System Engineer How to Ask Questions Type your question here Click Send Agenda Ransomware Trends 9 Hints and Tricks: How to Outsmart
More informationTracking changes in Hybrid Identity environments with both Active Directory and Azure Active Directory
Tracking changes in Hybrid Identity environments with both Active Directory and Azure Active Directory Presenters: Sander Berkouwer Senior Consultant at SCCT 10-fold Microsoft MVP Active Directory aficionado
More informationBecome an Active Directory Auditing Superstar: an all-in-one guide!
Become an Active Directory Auditing Superstar: an all-in-one guide! Part 2: Deep Dive Speakers Adam Bertram Microsoft MVP, Technical Writer Jeff Melnick Manager, Sales Engineering Jeff.Melnick@netwrix.com
More informationDon't 'WannaCry' No More: How to Shield Your IT Infrastructure from Ransomware. Netwrix Corporation Roy Lopez System Engineer
Don't 'WannaCry' No More: How to Shield Your IT Infrastructure from Ransomware Netwrix Corporation Roy Lopez System Engineer How to Ask Questions Type your question here Click Send Agenda Ransomware Trends
More informationBack to Basics IT Infrastructure Configuration Tips & Tricks Active Directory / Group Policy / Exchange
Back to Basics IT Infrastructure Configuration Tips & Tricks Active Directory / Group Policy / Exchange Presenter: Danny Murphy Sr. Sales Engineer, Netwrix Corporation Danny.Murphy@netwrix.com +44 (0)
More informationSummoning the Password Cracking Beast
Password 123456 Summoning the Password Cracking Beast Brian Johnson Security Enthusiast / Podcaster 7 Minute Security Jeff Melnick Solutions Engineer Netwrix Agenda Introduction Build an awesome cloud-based
More informationNetwrix Virtual. Customer Summit 2016
Netwrix Virtual Customer Summit 2016 Welcome Michael Fimin Chief Executive Officer Phone: 1.949.407.5125 x1057 Email: Michael.Fimin@netwrix.com linkedin.com/in/michaelfimin Agenda Michael Fimin Chief Executive
More informationExpert Webinar: Hacking Your Windows IT Environment
Expert Webinar: Hacking Your Windows IT Environment Presenters: Liam Cleary Microsoft MVP, Blogger helloitsliam@protonmail.com Jeff Melnick Pre-Sales Director, Netwrix Jeff.Melnick@netwrix.com www.helloitsliam.com
More informationHow to Survive an IT Audit and Thrive Off It!
How to Survive an IT Audit and Thrive Off It! Presenter: Adam Stetson Presales Engineer Adam.Stetson@netwrix.com 1.201.490.8840 x2907 Agenda Compliance Overview Continuous Compliance Control Processes
More informationNetwrix Auditor for File Servers and SQL Server
Product Demo Netwrix Auditor for File Servers and SQL Server Presenter: Bradford Eadie Presales Engineer Bradford.Eadie@netwrix.com 1.201.490.8840 x2822 About Netwrix Corporation Year of foundation: 2006
More informationSpectre, Meltdown, and the Impact of Security Vulnerabilities on your IT Environment. Orin Jeff Melnick
Spectre, Meltdown, and the Impact of Security Vulnerabilities on your IT Environment Orin Thomas @orinthomas Jeff Melnick Jeff.Melnick@Netwrix.com In this session Vulnerability types Spectre Meltdown Spectre
More informationHOW TO MAXIMIZE THE VALUE OF YOUR SPLUNK INVESTMENT. PRESENTER: Adam Stetson Presales Engineer
HOW TO MAXIMIZE THE VALUE OF YOUR SPLUNK INVESTMENT PRESENTER: Adam Stetson Presales Engineer Adam.Stetson@netwrix.com 1.201.490.8840 x2907 About Netwrix Corporation Year of foundation: 2006 Headquarters
More informationKeeping Tabs on the Top 3 Critical SharePoint Changes with Netwrix Auditor
Keeping Tabs on the Top 3 Critical SharePoint Changes with Netwrix Auditor www.netwrix.com Toll-free: 888.638.9749 Table of Contents #1: SharePoint Site Changes #2: SharePoint Content Changes #3: SharePoint
More informationInstall and Configure Active Directory Domain Services
Active Directory 101 Install and Configure Active Directory Domain Services Sander Berkouwer CTO at SCCT 10-fold Microsoft MVP Active Directory aficionado Daniel Goater Systems Engineer Netwrix Active
More informationHow Breaches Really Happen
How Breaches Really Happen www.10dsecurity.com About Dedicated Information Security Firm Clients Nationwide, primarily in financial industry Services Penetration Testing Social Engineering Vulnerability
More informationPremediation. The Art of Proactive Remediation. Matthew McWhirt, Senior Manager Manfred Erjak, Principal Consultant OCTOBER 1 4, 2018 WASHINGTON, D.C.
Premediation The Art of Proactive Remediation Matthew McWhirt, Senior Manager Manfred Erjak, Principal Consultant OCTOBER 1 4, 2018 WASHINGTON, D.C. Overview Case Study Remediation Overview Premediation
More informationJoe Stocker, CISSP, MCITP, VTSP Patriot Consulting
Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting Microsoft Cloud Evangelist at Patriot Consulting Principal Systems Architect with 17 Years of experience Technical certifications: MCSE, MCITP Office
More informationCYBER RISK MANAGEMENT: ADDRESSING THE CHALLENGE SIMON CRUMPLIN, FOUNDER & CEO
CYBER RISK MANAGEMENT: ADDRESSING THE CHALLENGE SIMON CRUMPLIN, FOUNDER & CEO INFORMATION SECURITY PAINS CISO RESPONSIBILITY WITHOUT AUTHORITY INVENTORY TO MANAGE ALERTS WITHOUT MEANING ASSETS SPREAD ACROSS
More informationPCI DSS Requirements. and Netwrix Auditor Mapping. Toll-free:
PCI DSS Requirements and Netwrix Auditor Mapping www.netwrix.com Toll-free: 888-638-9749 About PCI DSS The Payment Card Industry Data Security Standard (PCI DSS) was developed to encourage and enhance
More informationWHITEPAPER ATTIVO NETWORKS THREATDEFEND PLATFORM AND THE MITRE ATT&CK MATRIX
WHITEPAPER ATTIVO NETWORKS THREATDEFEND PLATFORM AND THE MITRE ATT&CK MATRIX 1 INTRODUCTION The MITRE Corporation Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK ) Matrix provides a model
More informationComputers Gone Rogue. Abusing Computer Accounts to Gain Control in an Active Directory Environment. Marina Simakov & Itai Grady
Computers Gone Rogue Abusing Computer Accounts to Gain Control in an Active Directory Environment Marina Simakov & Itai Grady Motivation Credentials are a high value target for attackers No need for 0-day
More informationISO/IEC Controls
ISO/IEC 27001 Controls and Netwrix Auditor Mapping www.netwrix.com Toll-free: 888-638-9749 About ISO/IEC 27001 ISO/IEC 27001 is an international standard that provides requirements for establishing, implementing,
More information7 EASY ATTACKS AGAINST ACTIVE DIRECTORY
NEW TITLE: 7 EASY ATTACKS AGAINST ACTIVE DIRECTORY And How to Prevent Them Through Good Practices and a Little Group Policy ABOUT ME Kevin McBride Security Specialist at Meridian Credit Union 12 years
More informationManage and Maintain Active Directory Domain Services
Active Directory 101 Manage and Maintain Active Directory Domain Services Sander Berkouwer CTO at SCCT 10-fold Microsoft MVP Active Directory aficionado Daniel Goater Systems Engineer Netwrix Active Directory
More informationGo mobile. Stay in control.
Go mobile. Stay in control. Enterprise Mobility + Security Jeff Alexander Sr. Technical Evangelist http://about.me/jeffa36 Mobile-first, cloud-first reality 63% 80% 0.6% Data breaches Shadow IT IT Budget
More informationSOX/COBIT Framework. and Netwrix Auditor Mapping. Toll-free:
SOX/COBIT Framework and Netwrix Auditor Mapping www.netwrix.com Toll-free: 888-638-9749 About SOX All public companies in the U.S. are subject to Sarbanes Oxley (SOX) compliance without exceptions. SOX
More informationHow the Privileged User Stole Christmas
Netwrix Security Talk How the Privileged User Stole Christmas Dave Matthews Systems Engineer at Netwrix Agenda 1. Issues security pros are talking about 2. Privileged User Portrait 3. Privileged Account
More informationNetwrix Auditor for SQL Server
Netwrix Auditor for SQL Server Quick-Start Guide Version: 9.5 10/25/2017 Legal Notice The information in this publication is furnished for information use only, and does not constitute a commitment from
More informationColin Gibbens Director, Product Management
SOAR = Human Intelligence and Creativity at Speed of Machine Abhishek Narula EVP, Head of Product and Engineering Colin Gibbens Director, Product Management 1 2 What is Security Orchestration Why do I
More informationIT Security Training MS-500: Microsoft 365 Security Administration. Upcoming Dates. Course Description. Course Outline $2,
IT Security Training MS-500: Microsoft 365 Security Administration $2,595.00 4 Days Upcoming Dates Course Description Day 1: Managing Microsoft 365 Identity and Access (MS-500T01-A) Help protect against
More informationHIPAA Requirements. and Netwrix Auditor Mapping. Toll-free:
HIPAA Requirements and Netwrix Auditor Mapping www.netwrix.com Toll-free: 888-638-9749 About HIPAA The Health Insurance Portability and Accountability Act (HIPAA) is a set of standards created by Congress
More informationRick Redman, Title, KoreLogic Governance, Risk & Compliance G24
Succe What Audits Miss & How Penetration Testers Abuse Those Gaps Rick Redman, Title, KoreLogic Governance, Risk & Compliance G24 CRISC CGEIT CISM CISA Intro Rick Redman / Minga / @CrackMeIfYouCan KoreLogic.com
More information10 Ways Credit Unions Get PWNED
10 Ways Credit Unions Get PWNED NASCUS 2017 Investment advisory services are offered through CliftonLarsonAllen Wealth Advisors, LLC, an SEC-registered investment advisor. Intro I am going to share with
More informationAssessing Your Incident Response Capabilities Do You Have What it Takes?
Assessing Your Incident Response Capabilities Do You Have What it Takes? March 31, 2017 Presenters Tim L. Bryan, CPA/CFF/CITP, CISA, EnCE Director, Advisory Services Forensic Technology & Investigation
More informationNetwrix Auditor Add-on for Solarwinds Log & Event Manager
Netwrix Auditor Add-on for Solarwinds Log & Event Manager Quick-Start Guide Version: 9.5 10/4/2017 Legal Notice The information in this publication is furnished for information use only, and does not constitute
More informationWindows 10. scalable IT services & solutions. October 25, Bruce Ward, VP of Business Strategy. Dan Sharp, Senior Consultant
Windows 10 October 25, 2018 Helping you grow your business with Bruce Ward, VP of Business Strategy scalable IT services & solutions Dan Sharp, Senior Consultant for today s challenges & tomorrow s vision.
More informationEngineering Robust Server Software
Engineering Robust Server Software Defense In Depth You Are Building YourAwesomeSite.com Django Built In Authen Sanitization Distrust clients Use all the best practices you know 2 You Are Building YourAwesomeSite.com
More informationResponder for Purple Teams
Responder for Purple Teams Responder for Purple Teams whoami Why this talk? Responder Overview Related Tools WPAD Attack Analyse Mode Defense whoami Full-Spectrum Cyber Person Nearly 20 years of this stuff
More informationMicrosoft Exam
Volume: 59 Questions Question: 1 Your network contains an Active Directory forest named contoso.com. The forest functional level is Windows Server 2012. All servers run Windows Server 2016. You create
More informationProtecting Against Modern Attacks. Protection Against Modern Attack Vectors
Protecting Against Modern Attacks Protection Against Modern Attack Vectors CYBER SECURITY IS A CEO ISSUE. - M C K I N S E Y $4.0M 81% >300K 87% is the average cost of a data breach per incident. of breaches
More informationPCI Compliance Assessment Module with Inspector
Quick Start Guide PCI Compliance Assessment Module with Inspector Instructions to Perform a PCI Compliance Assessment Performing a PCI Compliance Assessment (with Inspector) 2 PCI Compliance Assessment
More informationOne-Click to OWA Track 3. William Martin
One-Click to OWA Track 3 William Martin (@QuickBreach) > whoami William Martin OSCP Penetration Tester Supervisor at RSM US LLP in Charlotte, NC First time presenting at DEFCON Twitter: @QuickBreach >
More informationInstallation of LAPS Password Management Demo Deployment
Installation of LAPS Password Management Demo Deployment Version: 1.0 Last Modified: 2017.11.2 Installation The content of this document is property of Omni Technology Solutions, Inc. All Rights Reserved.
More informationEthical Hackers Perspective Things that Make a Hacker's Job Easy
WEALTH ADVISORY OUTSOURCING AUDIT, TAX, AND CONSULTING Investment advisory services are offered through CliftonLarsonAllen Wealth Advisors, LLC, an SEC-registered investment advisor Ethical Hackers Perspective
More informationCritical Hygiene for Preventing Major Breaches
SESSION ID: CXO-F02 Critical Hygiene for Preventing Major Breaches Jonathan Trull Microsoft Enterprise Cybersecurity Group @jonathantrull Tony Sager Center for Internet Security @CISecurity Mark Simos
More informationUn SOC avanzato per una efficace risposta al cybercrime
Un SOC avanzato per una efficace risposta al cybercrime Identificazione e conferma di un incidente @RSAEMEA #RSAEMEASummit @masiste75 Mauro Costantini - Presales Consultant Agenda A look into the threat
More informationWindows. Not just for houses
Windows Not just for houses Everyone Uses Windows! (sorry James!) Users Accounts to separate people on a computer Multiple user accounts on a computer Ex) shared family computer Access level can be set
More informationA YEAR OF PURPLE. By Ryan Shepherd
A YEAR OF PURPLE By Ryan Shepherd WHOAMI DETECTION and RESPONSE Investigator for Countercept Threat Hunter PURPLE Team Consultant Offensive Security Certified Professional (OSCP) Crest Registered Intrusion
More informationHIPAA Compliance Assessment Module
Quick Start Guide HIPAA Compliance Assessment Module Instructions to Perform a HIPAA Compliance Assessment Performing a HIPAA Compliance Assessment 2 HIPAA Compliance Assessment Overview 2 What You Will
More informationNetwrix Auditor. Administration Guide. Version: /31/2017
Netwrix Auditor Administration Guide Version: 9.5 10/31/2017 Legal Notice The information in this publication is furnished for information use only, and does not constitute a commitment from Netwrix Corporation
More informationNetwrix Auditor Add-on for Privileged User Monitoring
Netwrix Auditor Add-on for Privileged User Monitoring Quick-Start Guide Version: 9.6 5/8/2018 Legal Notice The information in this publication is furnished for information use only, and does not constitute
More informationAbout The Presentation 11/3/2017. Hacker HiJinx-Human Ways to Steal Data. Who We Are? Ethical Hackers & Security Consultants
November 3, 2017 Hacker HiJinx-Human Ways to Steal Data Who We Are? Ethical Hackers & Security Consultants Respond To Incidents & Breaches Perform Digital Forensic Investigations Data Mine Internet Intelligence
More informationExchange Server Installation on Windows Server 2019 Core Edition
Exchange Server 2019- Installation on Windows Server 2019 Core Edition Hussain Shakir LinkedIn: https://www.linkedin.com/in/mrhussain Twitter: https://twitter.com/hshakir_ms Blog: http://mstechguru.blogspot.com/
More information"Charting the Course... MOC C: Securing Windows Server Course Summary
Course Summary Description This five-day, instructor-led course teaches IT professionals how they can enhance the security of the IT infrastructure that they administer. This course begins by emphasizing
More informationEvolution Of Cyber Threats & Defense Approaches
Evolution Of Cyber Threats & Defense Approaches Antony Abraham IT Architect, Information Security, State Farm Kevin McIntyre Tech Lead, Information Security, State Farm Agenda About State Farm Evolution
More informationJohn Coggeshall Copyright 2006, Zend Technologies Inc.
PHP Security Basics John Coggeshall Copyright 2006, Zend Technologies Inc. Welcome! Welcome to PHP Security Basics Who am I: John Coggeshall Lead, North American Professional Services PHP 5 Core Contributor
More informationForeScout ControlFabric TM Architecture
ForeScout ControlFabric TM Architecture IMPROVE MULTI-VENDOR SOLUTION EFFECTIVENESS, RESPONSE AND WORKFLOW AUTOMATION THROUGH COLLABORATION WITH INDUSTRY-LEADING TECHNOLOGY PARTNERS. The Challenge 50%
More informationCrash course in Azure Active Directory
Crash course in Azure Active Directory Crash course in Azure Active Directory Competing today requires a focus on digital transformation and empowering everyone to be creative and work together securely.
More informationSecuring Windows Server 2016
Course 20744C: Securing Windows Server 2016 Page 1 of 7 Securing Windows Server 2016 Course 20744C: 4 days; Instructor-Led Introduction This four-day, instructor-led course teaches IT professionals how
More informationJordan Levesque - Keeping your Business Secure
Jordan Levesque - Keeping your Business Secure Review of PCI Benefits of hosting with RCS File Integrity Monitoring Two Factor Log Aggregation Vulnerability Scanning Configuration Management and Continuous
More informationRemote social engineering techniques involving Microsoft Universal Naming Convention (UNC) function.
10 March 2016 Remote social engineering techniques involving Microsoft Universal Naming Convention (UNC) function. Presented by Neil Lines Who am I? Neil Lines - Pen Tester Involved in a range of security
More informationDiscover threats quickly, remediate immediately, and mitigate the impact of malware and breaches
Discover threats quickly, remediate immediately, and mitigate the impact of malware and breaches Introduction No matter how hard you work to educate your employees about the constant and evolving threats
More informationWindows. Not just for houses
Windows Not just for houses Windows 110 Windows Server Essentially a jacked up windows 8 box Still GUI based Still makes no sense No start menu :( (Install classic shell)... trust me... Windows Server
More informationWelcome! Ready To Secure Access to Your Microsoft Applications?
Welcome! Ready To Secure Access to Your Microsoft Applications? During the Webinar Audio In presentation mode until end Control Panel View webinar in full screen mode Feel Free to submit written questions
More informationSECURITY INSIDE THE PERIMETER - THE CALL IS COMING FROM INSIDE THE HOUSE
SECURITY INSIDE THE PERIMETER - THE CALL IS COMING FROM INSIDE THE HOUSE Event Code: #ILTALSS #LSS17 Date: June 13, 2017 Time: 3:00 PM - 4:00 PM ET Location: Salon I SECURITY INSIDE THE PERIMETER THE CALL
More informationMicrosoft Intune App Protection Policies Integration. VMware Workspace ONE UEM 1811
Microsoft Intune App Protection Policies Integration VMware Workspace ONE UEM 1811 Microsoft Intune App Protection Policies Integration You can find the most up-to-date technical documentation on the VMware
More informationEnterprise Ransomware Mitigations
打造數碼安全校園 Enterprise Ransomware Mitigations Windows 10, Edge Browser, Office ATP Enterprise Mobility Suite (EMS) ATP OneDrive for Business Azure Backup 3rd party Cloud Backup THE WINDOWS CLIENT DEFENSE
More informationStaying Safe Online. My Best Internet Safety Tips. and the AgeWell Computer Education Center.
Staying Safe Online My Best Internet Safety Tips and the AgeWell Computer Education Center Welcome to our first Webinar of 2017! Agenda o How to use the Webinar Room o Upcoming CEC Classes o My tips for
More informationAttacks Against Websites 3 The OWASP Top 10. Tom Chothia Computer Security, Lecture 14
Attacks Against Websites 3 The OWASP Top 10 Tom Chothia Computer Security, Lecture 14 OWASP top 10. The Open Web Application Security Project Open public effort to improve web security: Many useful documents.
More informationNetwrix Auditor. Visibility Platform for User Behavior Analysis. and Risk Mitigation in Hybrid IT Environments.
Netwrix Auditor Visibility Platform for User Behavior Analysis and Risk Mitigation in Hybrid IT Environments www.wssitalia.it 01 Product Overview Netwrix Auditor Platform Netwrix Auditor is a visibility
More informationHybrid Identity de paraplu in de cloud
EXPERTS LIVE SUMMER NIGHT Hybrid Identity de paraplu in de cloud Robbert van der Zwan TSP EM+S Netherlands EXPERTS LIVE SUMMER NIGHT Robbert van der Zwan Robbert works as an Enterprise Mobility and Security
More informationNano Server in Windows Server An AMA with Andrew Mason from Microsoft
Nano Server in Windows Server 2016 An AMA with Andrew Mason from Microsoft info@altaro.com www.altaro.com Agenda info@altaro.com www.altaro.com Andy Syrewicze Twitter - @asyrewicze Blog http://www.altaro.com/hyper-v
More information[ Sean TrimarcSecurity.com ]
Securing the Microsoft Cloud (Office 365 & Azure AD) Sean Metcalf Founder, Trimarc Presenter bio Sean Metcalf Founder & CTO, Trimarc One of ~100 people globally who holds the Microsoft Certified Master
More informationSecuring Privileged Access Securing High Value Assets Datacenter Security Information Protection Information Worker and Device Protection
Securing Privileged Access Securing High Value Assets Datacenter Security Information Protection Information Worker and Device Protection Azure Active Directory 3 rd Party IaaS IaaS Rights Management Services
More informationRastaLabs Red Team Simulation Lab
RastaLabs Red Team Simulation Lab LAB OUTLINE Description RastaLabs is a virtual Red Team Simulation environment, designed to be attacked as a means of learning and honing your engagement skills. The focus
More informationCyber Security Defense-In-depth RICH KINAS ORLANDO UTILITIES COMMISSION COMPLIANCE SPRING WORKSHOP MAY 9-10, 2017
1 Cyber Security Defense-In-depth RICH KINAS ORLANDO UTILITIES COMMISSION COMPLIANCE SPRING WORKSHOP MAY 9-10, 2017 Overview 2 Defense-In-Depth Verses layered defense Verses Enhanced Security NERC Reliability
More informationMicrosoft 365 powered device webinar series Microsoft 365 powered device Assessment Kit. Alan Maddison, Architect Amit Bhatia, Architect
Microsoft 365 powered device webinar series Microsoft 365 powered device Assessment Kit Alan Maddison, Architect Amit Bhatia, Architect Why did we create the Assessment kit? Assessment objectives Assess
More informationArcGIS Enterprise Security: Advanced. Gregory Ponto & Jeff Smith
Enterprise Security: Advanced Gregory Ponto & Jeff Smith Agenda Focus: Security best practices for Enterprise Server Portal for 10.5.x Features Strongly Recommend: Knowledge of Server and Portal for Security
More informationDesigning and Building a Cybersecurity Program
Designing and Building a Cybersecurity Program Based on the NIST Cybersecurity Framework (CSF) Larry Wilson lwilson@umassp.edu ISACA Breakfast Meeting January, 2016 Designing & Building a Cybersecurity
More informationWell, That Escalated Quickly! How abusing the Docker API Led to Remote Code Execution, Same Origin Bypass and Persistence in the Hypervisor via
Well, That Escalated Quickly! How abusing the Docker API Led to Remote Code Execution, Same Origin Bypass and Persistence in the Hypervisor via Shadow Containers. Michael Cherny @chernymi Sagie Dulce @SagieSec
More informationWho am I? Identity Product Group, CXP Team. Premier Field Engineer. SANS STI Student GWAPT, GCIA, GCIH, GCWN, GMOB
@markmorow Who am I? Identity Product Group, CXP Team Premier Field Engineer SANS STI Student GWAPT, GCIA, GCIH, GCWN, GMOB Active Directory Domain Services On-premises App Server Validate credentials
More informationNetwrix Auditor. Virtual Appliance and Cloud Deployment Guide. Version: /25/2017
Netwrix Auditor Virtual Appliance and Cloud Deployment Guide Version: 9.5 10/25/2017 Legal Notice The information in this publication is furnished for information use only, and does not constitute a commitment
More informationMoving from Reactive to Proactive Security. Sami Laiho Adminize / Intility Senior Technical Fellow, MVP April 28 th New-York City
Moving from Reactive to Proactive Security Sami Laiho Adminize / Intility Senior Technical Fellow, MVP April 28 th New-York City Thanks to our Organizers! Tome Tanasovski PowerShell MVP Blog: http://powertoe.wordpress.com/
More informationNetwrix Auditor. Intelligence Guide. Version: /30/2018
Netwrix Auditor Intelligence Guide Version: 9.7 11/30/2018 Legal Notice The information in this publication is furnished for information use only, and does not constitute a commitment from Netwrix Corporation
More information