SlideShare a Scribd company logo

12 Crucial Windows Security Skills for 2017

Download as PPTX, PDF
Paula Januszkiewicz
Paula Januszkiewicz

Learn the 12 skills that our CQURE team has identified as crucial to keep your IT safe in 2017

Education
1 of 41
12 Crucial Windows Security Skills for 2017 Paula Januszkiewicz CQURE: CEO, Penetration Tester; Security Expert CQURE Academy: Trainer MVP: Enterprise Security, MCT Greg Tworek CQURE: CTO, Security Expert CQURE Academy: Trainer MVP: Enterprise Security, MCT
What does CQURE do? Consulting Services: Extensive IT Security Audits and Penetration Tests of all kinds Configuration Audit and Architecture Design Social Engineering Tests Advanced Troubleshooting and Debugging Emergency Response Services R&D & Publications Trainings & Seminars: Offline (mainly in New York or via our partners worldwide) Online (you will hear more about it in the end of this Webinar)
Michael Kama Dorothy Olga Michal Paula Greg Ken Chris
To ensure the good quality of your experience: 1. If you have problems with viewing the Webinar try refreshing the page first or try another browser. 2. If problems persist please let us know in the comment section or on info@cqureacademy.com. 3. If there will be connection or software problem, please look into your email box or fb.com/cqure for instructions. 4. We will be taking questions at the end of the Webinar during Q and A session so write them down!
What can you expect today? 1. The BIG REVEAL of 12 skills that our CQURE team has identified as crucial to keep your IT safe in 2017. 2. Live demonstrations! 3. Tips on how you learn this stuff on your own. 4. A hacking challenge with a cool prize :) 5. Live Q&A with me and the CQURE Team. 6. You will get files of all the tools we will be using here!
What was your score in our Windows Security QUIZ - share in the comment section!
According to the industry’s statistics, by 2019 the market will need 6 mln security professionals. But only 4 to 5 million of them will have the needed qualifications. *Source: Financial Times
12 Crucial Windows Security Skills for 2017
#1 Skill: Machine Learning for Threat Protection Forexample:Whatif weuseacustomreflectivePELoadertocreateandruncustomcode?
#2A Skill: Incident Response Plan Action list In case of emergency situation: allows to act reasonably and according to the plan Increases chances that evidence is gathered properly Allows to define responsibilities for recovery Discussions provide management with understanding of security Jump Bag: preserving evidence Disk data: Disk2VHD, WinDD, FTK Imager Memory dumps: DumpIT, Mdd, Mandiant tools, LiME, OSXPMem Centralization of the event logs Pre-incident steps: use Sysmon for better knowledge about processes and network
#2B Skill: Malware Analysis Sandbox
#3 Skill: Whitelisting Code execution prevention It is an absolute necessity taking into consideration the current security trends PowerShell is a new hacking tool Scripting languages are the biggest threat Ransomware can be in a form of PowerShell script Just Enough Administration: PowerShell should be blocked for users and limited for helpdesk to use the necessary commands It is necessary to know what executes on your servers Sysmon is perfect for this AppLocker / DeviceGuard in the audit mode
#4 Skill: Privileged Access Management Access Monitoring / Effective Access We need to know about who and where has access to Access should be role driven
First CQURE Academy Challenge! 1. 2. 3. 4. 5.
#5 Skill: Well done PKI Implementation Pretty much every time we do an audit we see incorrectly implemented PKI Certificates are or can be used in most of the modern services Be aware of the newest security trends in the certificate services Smart card logon can be bypassed Private key that is not exportable is… exportable CQURE discovery: SID-protected PFX files can be access to by unauthorized users
What is the most popular attack right now?
User: Adm... Hash:E1977 Fred’s Laptop Fred’s User Session User: Fred Password hash: A3D7… Sue’s Laptop Sue’s User Session Pass The Hash Technique Malware Session User: Administrator Password hash: E1977… Malware User Session User: Adm… Hash: E1977 User: Sue Hash: C9DF User: Sue Password hash: C9DF… File Server User: Sue Hash:C9DF 1 3 4 1. FRED RUNS MALWARE, HE IS A LOCAL ADMINISTRATOR 2. THERE IS A PASS THE HASH SESSION ESTABLISHED WITH ANOTHER COMPUTER 3. MALWARE INFECTS SUE’S LAPTOP AS FRED 4. MALWARE INFECTS FILE SERVER AS SUE 2
#6 Hardware-based Credentials Protection Virtual Secure Mode (VSM) VSM isolates sensitive Windows processes in a hardware based Hyper-V container VSM protects VSM kernel and Trustlets even if Windows Kernel is fully compromised Requires processor virtualization extensions (e.g.: VT-X, VT-D) Implements Credential Guard where derived credentials that VSM protected LSA Service gives to Windows are non-replayable VSM runs the Windows Kernel and a series of Trustlets (Processes) within it
#7 Skill: PowerShell Level Master PowerShell implements great automation (and hacking tool) Some solutions are managed by Powershell only (Nano, IoT) Experience shows that administrators try to avoid it – especially these ones with great experience There are so many custom modules available: PowerForensics, AccessControl etc. You can create your own customized modules
#8 Skill: Learn How to Talk Security to Managers Sad facts Photo: the New York Times Magazine
#9 Skill: Event Tracing For Windows
Second CQURE Academy Challenge http://challenge.cqureacademy.com/test.txt Task:
#10 Skill: Log Centralization Available solutions
#11 Skill: Mastered Windows Server 2016
#12 Skill: Testing Yourself When You Can
12 Crucial Windows Security Skills for 2017
#1 Skill: Machine Learning for Threat Protection Implementation of the process execution prevention (AppLocker etc.) #2A Skill: Incident Response Plan #2B Skill: Malware Analysis Sandbox #3 Skill: Whitelisting #4 Skill: Privileged Access Management #5 Skill: Working PKI Implementation #6 Skill: Hardware-based Credentials Protection 1 - 6
#7 Skill: PowerShell Level Master #8 Skill: Learn How to Talk Security to Managers #9 Skill: Event Tracing For Windows #10 Skill: Log Centralization #11 Skill: Mastered Windows Server 2016 #12 Skill: Testing Yourself When You Can 7 - 12
Summary: Best Practices Understanding is the key to security Continuous vulnerability discovery Context-Aware Analysis Prioritization Remediation and Tracking Configuration reviews Put on the Hacker’s Shoes Prevention is the key to success
Additional Resources Websites Microsoft Virtual Academy Ars Technica The Register The Hacker News Dark Reading Krebs on Security Computer World Threat Post Beta News Tech News World Tech Crunch ZDNetSecurity Affairs Computer Weekly Network World SC Magazine Wired Schneier on Security Elie Bursztein Books ‘Windows Internals’ ‘Inside Windows Debugging’ ‘Advanced Debugging for Windows’ ‘Practical Malware Analysis’ ‘Malware Analyst's Cookbook’
Key facts about the Advanced Windows Security Course For 2017: 1. ONCE A YEAR ONLY (each year it will be adjusted to meet the upcoming trends). 2. 12 Live Online Sessions with Paula and other experts from CQURE Academy (mostly Tuesday and Thursday, 7PM CEST / 1PM EST / 10AM PST). 3. Video recordings of sessions, slides, scripts & tools included. 4. Closed students group on Facebook (where you can exchange ideas and network). 5. Free access to CQURE Lab (where you will practice and do homework).
The course finishes with an exam. If you pass (you get at least 70% answers correct) you will get our CQURE Academy CERTIFICATE: Windows Security Master 2017
Tuition: $2,850 $1,900 ~ If you apply before end of Monday October 31 ~
About the application process: 1. This is for professionals who’ve passed the intermediate level. We’ll skip the fluff and go straight to the advanced stuff. 2. Admission is selective - to attend you need to APPLY. 3. We prioritize: your skills and professional achievements, but also your attitude and how you can contribute to the group. 4. We’ll be taking on board 200 students only (we did soft launch at Microsoft Ignite and only 100 are still available). 5. If you apply before Monday midnight, you will secure a lower tuition fee of $1,900 (instead of $2850).
The Prize For Hackers Who Won Today’s Challenge: A free seat at “Advanced Windows Security Course For 2017” (worth $2,850!)
Q and A Time!
Thank You! If you have questions email us at info@cqureacademy.com You can also chat us up on the page https://cqureacademy.com/advanced2017

Recommended

30 Cybersecurity Skills You Need To Become a Windows Security Pro
30 Cybersecurity Skills You Need To Become a Windows Security Pro 30 Cybersecurity Skills You Need To Become a Windows Security Pro
30 Cybersecurity Skills You Need To Become a Windows Security Pro Paula Januszkiewicz
 
RSA Conference 2017 session: Hacker’s Perspective on Your Windows Infrastruct...
RSA Conference 2017 session: Hacker’s Perspective on Your Windows Infrastruct...RSA Conference 2017 session: Hacker’s Perspective on Your Windows Infrastruct...
RSA Conference 2017 session: Hacker’s Perspective on Your Windows Infrastruct...Paula Januszkiewicz
 
12 Crucial Windows Security Skills for 2018
12 Crucial Windows Security Skills for 201812 Crucial Windows Security Skills for 2018
12 Crucial Windows Security Skills for 2018Paula Januszkiewicz
 
The hacker playbook: How to think and act like a cybercriminal to reduce risk...
The hacker playbook: How to think and act like a cybercriminal to reduce risk...The hacker playbook: How to think and act like a cybercriminal to reduce risk...
The hacker playbook: How to think and act like a cybercriminal to reduce risk...Paula Januszkiewicz
 
rsa-usa-2019-keynote-paula-januszkiewicz
rsa-usa-2019-keynote-paula-januszkiewiczrsa-usa-2019-keynote-paula-januszkiewicz
rsa-usa-2019-keynote-paula-januszkiewiczPaula Januszkiewicz
 
Top 10 ways to make hackers excited: All about the shortcuts not worth taking
Top 10 ways to make hackers excited: All about the shortcuts not worth takingTop 10 ways to make hackers excited: All about the shortcuts not worth taking
Top 10 ways to make hackers excited: All about the shortcuts not worth takingPaula Januszkiewicz
 
Microsoft Ignite session: Look under the hood: bypassing antimalware tactics ...
Microsoft Ignite session: Look under the hood: bypassing antimalware tactics ...Microsoft Ignite session: Look under the hood: bypassing antimalware tactics ...
Microsoft Ignite session: Look under the hood: bypassing antimalware tactics ...Paula Januszkiewicz
 
Microsoft Ignite session: Explore adventures in the underland: forensic techn...
Microsoft Ignite session: Explore adventures in the underland: forensic techn...Microsoft Ignite session: Explore adventures in the underland: forensic techn...
Microsoft Ignite session: Explore adventures in the underland: forensic techn...Paula Januszkiewicz
 

Recommended

30 Cybersecurity Skills You Need To Become a Windows Security Pro
30 Cybersecurity Skills You Need To Become a Windows Security Pro 30 Cybersecurity Skills You Need To Become a Windows Security Pro
30 Cybersecurity Skills You Need To Become a Windows Security Pro Paula Januszkiewicz
 
RSA Conference 2017 session: Hacker’s Perspective on Your Windows Infrastruct...
RSA Conference 2017 session: Hacker’s Perspective on Your Windows Infrastruct...RSA Conference 2017 session: Hacker’s Perspective on Your Windows Infrastruct...
RSA Conference 2017 session: Hacker’s Perspective on Your Windows Infrastruct...Paula Januszkiewicz
 
12 Crucial Windows Security Skills for 2018
12 Crucial Windows Security Skills for 201812 Crucial Windows Security Skills for 2018
12 Crucial Windows Security Skills for 2018Paula Januszkiewicz
 
The hacker playbook: How to think and act like a cybercriminal to reduce risk...
The hacker playbook: How to think and act like a cybercriminal to reduce risk...The hacker playbook: How to think and act like a cybercriminal to reduce risk...
The hacker playbook: How to think and act like a cybercriminal to reduce risk...Paula Januszkiewicz
 
rsa-usa-2019-keynote-paula-januszkiewicz
rsa-usa-2019-keynote-paula-januszkiewiczrsa-usa-2019-keynote-paula-januszkiewicz
rsa-usa-2019-keynote-paula-januszkiewiczPaula Januszkiewicz
 
Top 10 ways to make hackers excited: All about the shortcuts not worth taking
Top 10 ways to make hackers excited: All about the shortcuts not worth takingTop 10 ways to make hackers excited: All about the shortcuts not worth taking
Top 10 ways to make hackers excited: All about the shortcuts not worth takingPaula Januszkiewicz
 
Microsoft Ignite session: Look under the hood: bypassing antimalware tactics ...
Microsoft Ignite session: Look under the hood: bypassing antimalware tactics ...Microsoft Ignite session: Look under the hood: bypassing antimalware tactics ...
Microsoft Ignite session: Look under the hood: bypassing antimalware tactics ...Paula Januszkiewicz
 
Microsoft Ignite session: Explore adventures in the underland: forensic techn...
Microsoft Ignite session: Explore adventures in the underland: forensic techn...Microsoft Ignite session: Explore adventures in the underland: forensic techn...
Microsoft Ignite session: Explore adventures in the underland: forensic techn...Paula Januszkiewicz
 
Top 10 Ways To Make Hackers Excited: All About The Shortcuts Not Worth Taking
Top 10 Ways To Make Hackers Excited: All About The Shortcuts Not Worth TakingTop 10 Ways To Make Hackers Excited: All About The Shortcuts Not Worth Taking
Top 10 Ways To Make Hackers Excited: All About The Shortcuts Not Worth TakingPaula Januszkiewicz
 
RSA Conference 2017 session: What System Stores on the Disk Without Telling You
RSA Conference 2017 session: What System Stores on the Disk Without Telling YouRSA Conference 2017 session: What System Stores on the Disk Without Telling You
RSA Conference 2017 session: What System Stores on the Disk Without Telling YouPaula Januszkiewicz
 
RSA 2018: Adventures in the Underland: Techniques against Hackers Evading the...
RSA 2018: Adventures in the Underland: Techniques against Hackers Evading the...RSA 2018: Adventures in the Underland: Techniques against Hackers Evading the...
RSA 2018: Adventures in the Underland: Techniques against Hackers Evading the...Paula Januszkiewicz
 
Top 10 mobile security risks - Khổng Văn Cường
Top 10 mobile security risks - Khổng Văn CườngTop 10 mobile security risks - Khổng Văn Cường
Top 10 mobile security risks - Khổng Văn CườngVõ Thái Lâm
 
Fatal signs: 10 symptoms when you think you’ve been hacked
Fatal signs: 10 symptoms when you think you’ve been hackedFatal signs: 10 symptoms when you think you’ve been hacked
Fatal signs: 10 symptoms when you think you’ve been hackedPaula Januszkiewicz
 
Content Security Policy - Lessons learned at Yahoo
Content Security Policy - Lessons learned at YahooContent Security Policy - Lessons learned at Yahoo
Content Security Policy - Lessons learned at YahooBinu Ramakrishnan
 
AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...
AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...
AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...AlienVault
 
Investigation of CryptoLocker Ransomware Trojans - Microsoft Windows
Investigation of CryptoLocker Ransomware Trojans - Microsoft WindowsInvestigation of CryptoLocker Ransomware Trojans - Microsoft Windows
Investigation of CryptoLocker Ransomware Trojans - Microsoft WindowsAaron ND Sawmadal
 
Avoiding the 10 Deadliest and Most Common Sins for Securing Windows
Avoiding the 10 Deadliest and Most Common Sins for Securing WindowsAvoiding the 10 Deadliest and Most Common Sins for Securing Windows
Avoiding the 10 Deadliest and Most Common Sins for Securing WindowsBeyondTrust
 
Gartner Security & Risk Management Summit 2018
Gartner Security & Risk Management Summit 2018Gartner Security & Risk Management Summit 2018
Gartner Security & Risk Management Summit 2018Paula Januszkiewicz
 
Microsoft Security Development Lifecycle
Microsoft Security Development LifecycleMicrosoft Security Development Lifecycle
Microsoft Security Development LifecycleRazi Rais
 
Hardening Database Server
Hardening Database ServerHardening Database Server
Hardening Database ServerFahri Firdausillah
 
ITPG Secure on WannaCry
ITPG Secure on WannaCryITPG Secure on WannaCry
ITPG Secure on WannaCryITPG Secure Compliance and Certification Training
 
Shields up - improving web application security
Shields up - improving web application securityShields up - improving web application security
Shields up - improving web application securityKonstantin Mirin
 
Webinar: Ransomware Checklist – Are You Ready For Ransomware’s Next Wave?
Webinar: Ransomware Checklist – Are You Ready For Ransomware’s Next Wave?Webinar: Ransomware Checklist – Are You Ready For Ransomware’s Next Wave?
Webinar: Ransomware Checklist – Are You Ready For Ransomware’s Next Wave?Storage Switzerland
 
CIS 333 Entire Course NEW
CIS 333 Entire Course NEWCIS 333 Entire Course NEW
CIS 333 Entire Course NEWshyamuopfive
 
The Windows Password Policy is Not Enough
The Windows Password Policy is Not EnoughThe Windows Password Policy is Not Enough
The Windows Password Policy is Not EnoughnFront Security
 
Secure Coding for Java - An Introduction
Secure Coding for Java - An IntroductionSecure Coding for Java - An Introduction
Secure Coding for Java - An IntroductionSebastien Gioria
 
Maturity Model of Security Disciplines
Maturity Model of Security Disciplines Maturity Model of Security Disciplines
Maturity Model of Security Disciplines Florian Roth
 
Virtual Networking Security - Network Security
Virtual Networking Security - Network SecurityVirtual Networking Security - Network Security
Virtual Networking Security - Network SecurityEng Teong Cheah
 
Windows security context
Windows security contextWindows security context
Windows security contextInGuen Hwang
 
Windows Security
Windows Security Windows Security
Windows Security Pooja Talreja
 

More Related Content

What's hot

Top 10 Ways To Make Hackers Excited: All About The Shortcuts Not Worth Taking
Top 10 Ways To Make Hackers Excited: All About The Shortcuts Not Worth TakingTop 10 Ways To Make Hackers Excited: All About The Shortcuts Not Worth Taking
Top 10 Ways To Make Hackers Excited: All About The Shortcuts Not Worth TakingPaula Januszkiewicz
 
RSA Conference 2017 session: What System Stores on the Disk Without Telling You
RSA Conference 2017 session: What System Stores on the Disk Without Telling YouRSA Conference 2017 session: What System Stores on the Disk Without Telling You
RSA Conference 2017 session: What System Stores on the Disk Without Telling YouPaula Januszkiewicz
 
RSA 2018: Adventures in the Underland: Techniques against Hackers Evading the...
RSA 2018: Adventures in the Underland: Techniques against Hackers Evading the...RSA 2018: Adventures in the Underland: Techniques against Hackers Evading the...
RSA 2018: Adventures in the Underland: Techniques against Hackers Evading the...Paula Januszkiewicz
 
Top 10 mobile security risks - Khổng Văn Cường
Top 10 mobile security risks - Khổng Văn CườngTop 10 mobile security risks - Khổng Văn Cường
Top 10 mobile security risks - Khổng Văn CườngVõ Thái Lâm
 
Fatal signs: 10 symptoms when you think you’ve been hacked
Fatal signs: 10 symptoms when you think you’ve been hackedFatal signs: 10 symptoms when you think you’ve been hacked
Fatal signs: 10 symptoms when you think you’ve been hackedPaula Januszkiewicz
 
Content Security Policy - Lessons learned at Yahoo
Content Security Policy - Lessons learned at YahooContent Security Policy - Lessons learned at Yahoo
Content Security Policy - Lessons learned at YahooBinu Ramakrishnan
 
AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...
AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...
AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...AlienVault
 
Investigation of CryptoLocker Ransomware Trojans - Microsoft Windows
Investigation of CryptoLocker Ransomware Trojans - Microsoft WindowsInvestigation of CryptoLocker Ransomware Trojans - Microsoft Windows
Investigation of CryptoLocker Ransomware Trojans - Microsoft WindowsAaron ND Sawmadal
 
Avoiding the 10 Deadliest and Most Common Sins for Securing Windows
Avoiding the 10 Deadliest and Most Common Sins for Securing WindowsAvoiding the 10 Deadliest and Most Common Sins for Securing Windows
Avoiding the 10 Deadliest and Most Common Sins for Securing WindowsBeyondTrust
 
Gartner Security & Risk Management Summit 2018
Gartner Security & Risk Management Summit 2018Gartner Security & Risk Management Summit 2018
Gartner Security & Risk Management Summit 2018Paula Januszkiewicz
 
Microsoft Security Development Lifecycle
Microsoft Security Development LifecycleMicrosoft Security Development Lifecycle
Microsoft Security Development LifecycleRazi Rais
 
Shields up - improving web application security
Shields up - improving web application securityShields up - improving web application security
Shields up - improving web application securityKonstantin Mirin
 
Webinar: Ransomware Checklist – Are You Ready For Ransomware’s Next Wave?
Webinar: Ransomware Checklist – Are You Ready For Ransomware’s Next Wave?Webinar: Ransomware Checklist – Are You Ready For Ransomware’s Next Wave?
Webinar: Ransomware Checklist – Are You Ready For Ransomware’s Next Wave?Storage Switzerland
 
CIS 333 Entire Course NEW
CIS 333 Entire Course NEWCIS 333 Entire Course NEW
CIS 333 Entire Course NEWshyamuopfive
 
The Windows Password Policy is Not Enough
The Windows Password Policy is Not EnoughThe Windows Password Policy is Not Enough
The Windows Password Policy is Not EnoughnFront Security
 
Secure Coding for Java - An Introduction
Secure Coding for Java - An IntroductionSecure Coding for Java - An Introduction
Secure Coding for Java - An IntroductionSebastien Gioria
 
Maturity Model of Security Disciplines
Maturity Model of Security Disciplines Maturity Model of Security Disciplines
Maturity Model of Security Disciplines Florian Roth
 
Virtual Networking Security - Network Security
Virtual Networking Security - Network SecurityVirtual Networking Security - Network Security
Virtual Networking Security - Network SecurityEng Teong Cheah
 

What's hot (20)

Top 10 Ways To Make Hackers Excited: All About The Shortcuts Not Worth Taking
Top 10 Ways To Make Hackers Excited: All About The Shortcuts Not Worth TakingTop 10 Ways To Make Hackers Excited: All About The Shortcuts Not Worth Taking
Top 10 Ways To Make Hackers Excited: All About The Shortcuts Not Worth Taking
 
RSA Conference 2017 session: What System Stores on the Disk Without Telling You
RSA Conference 2017 session: What System Stores on the Disk Without Telling YouRSA Conference 2017 session: What System Stores on the Disk Without Telling You
RSA Conference 2017 session: What System Stores on the Disk Without Telling You
 
RSA 2018: Adventures in the Underland: Techniques against Hackers Evading the...
RSA 2018: Adventures in the Underland: Techniques against Hackers Evading the...RSA 2018: Adventures in the Underland: Techniques against Hackers Evading the...
RSA 2018: Adventures in the Underland: Techniques against Hackers Evading the...
 
Top 10 mobile security risks - Khổng Văn Cường
Top 10 mobile security risks - Khổng Văn CườngTop 10 mobile security risks - Khổng Văn Cường
Top 10 mobile security risks - Khổng Văn Cường
 
Fatal signs: 10 symptoms when you think you’ve been hacked
Fatal signs: 10 symptoms when you think you’ve been hackedFatal signs: 10 symptoms when you think you’ve been hacked
Fatal signs: 10 symptoms when you think you’ve been hacked
 
Content Security Policy - Lessons learned at Yahoo
Content Security Policy - Lessons learned at YahooContent Security Policy - Lessons learned at Yahoo
Content Security Policy - Lessons learned at Yahoo
 
AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...
AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...
AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...
 
Investigation of CryptoLocker Ransomware Trojans - Microsoft Windows
Investigation of CryptoLocker Ransomware Trojans - Microsoft WindowsInvestigation of CryptoLocker Ransomware Trojans - Microsoft Windows
Investigation of CryptoLocker Ransomware Trojans - Microsoft Windows
 
Avoiding the 10 Deadliest and Most Common Sins for Securing Windows
Avoiding the 10 Deadliest and Most Common Sins for Securing WindowsAvoiding the 10 Deadliest and Most Common Sins for Securing Windows
Avoiding the 10 Deadliest and Most Common Sins for Securing Windows
 
Gartner Security & Risk Management Summit 2018
Gartner Security & Risk Management Summit 2018Gartner Security & Risk Management Summit 2018
Gartner Security & Risk Management Summit 2018
 
Microsoft Security Development Lifecycle
Microsoft Security Development LifecycleMicrosoft Security Development Lifecycle
Microsoft Security Development Lifecycle
 
Hardening Database Server
Hardening Database ServerHardening Database Server
Hardening Database Server
 
ITPG Secure on WannaCry
ITPG Secure on WannaCryITPG Secure on WannaCry
ITPG Secure on WannaCry
 
Shields up - improving web application security
Shields up - improving web application securityShields up - improving web application security
Shields up - improving web application security
 
Webinar: Ransomware Checklist – Are You Ready For Ransomware’s Next Wave?
Webinar: Ransomware Checklist – Are You Ready For Ransomware’s Next Wave?Webinar: Ransomware Checklist – Are You Ready For Ransomware’s Next Wave?
Webinar: Ransomware Checklist – Are You Ready For Ransomware’s Next Wave?
 
CIS 333 Entire Course NEW
CIS 333 Entire Course NEWCIS 333 Entire Course NEW
CIS 333 Entire Course NEW
 
The Windows Password Policy is Not Enough
The Windows Password Policy is Not EnoughThe Windows Password Policy is Not Enough
The Windows Password Policy is Not Enough
 
Secure Coding for Java - An Introduction
Secure Coding for Java - An IntroductionSecure Coding for Java - An Introduction
Secure Coding for Java - An Introduction
 
Maturity Model of Security Disciplines
Maturity Model of Security Disciplines Maturity Model of Security Disciplines
Maturity Model of Security Disciplines
 
Virtual Networking Security - Network Security
Virtual Networking Security - Network SecurityVirtual Networking Security - Network Security
Virtual Networking Security - Network Security
 

Viewers also liked

Windows security context
Windows security contextWindows security context
Windows security contextInGuen Hwang
 
Windows Server 8 Security Improvement
Windows Server 8 Security ImprovementWindows Server 8 Security Improvement
Windows Server 8 Security ImprovementWong Chon Kit
 
Beyond the Pentest: How C2, Internal Pivoting, and Data Exfiltration Show Tru...
Beyond the Pentest: How C2, Internal Pivoting, and Data Exfiltration Show Tru...Beyond the Pentest: How C2, Internal Pivoting, and Data Exfiltration Show Tru...
Beyond the Pentest: How C2, Internal Pivoting, and Data Exfiltration Show Tru...Beau Bullock
 
Windows 7 professional Vs Windows 7 enterprise
Windows 7 professional Vs Windows 7 enterpriseWindows 7 professional Vs Windows 7 enterprise
Windows 7 professional Vs Windows 7 enterprise247infotech
 
Protecting Windows Passwords and Preventing Windows Computer / Password Attacks
Protecting Windows Passwords and Preventing Windows Computer / Password AttacksProtecting Windows Passwords and Preventing Windows Computer / Password Attacks
Protecting Windows Passwords and Preventing Windows Computer / Password AttacksZoho Corporation
 
Decrypting the security mystery with SIEM (Part 2) ​
Decrypting the security mystery with SIEM (Part 2) ​Decrypting the security mystery with SIEM (Part 2) ​
Decrypting the security mystery with SIEM (Part 2) ​Zoho Corporation
 
44CON London 2015: NTFS Analysis with PowerForensics
44CON London 2015: NTFS Analysis with PowerForensics44CON London 2015: NTFS Analysis with PowerForensics
44CON London 2015: NTFS Analysis with PowerForensicsJared Atkinson
 
linux security: interact with linux
linux security: interact with linuxlinux security: interact with linux
linux security: interact with linuxAmmar WK
 
The top 10 windows logs event id's used v1.0
The top 10 windows logs event id's used v1.0The top 10 windows logs event id's used v1.0
The top 10 windows logs event id's used v1.0Michael Gough
 
Windows Service Hardening
Windows Service HardeningWindows Service Hardening
Windows Service HardeningDigital Bond
 
The RIPE Experience
The RIPE ExperienceThe RIPE Experience
The RIPE ExperienceDigital Bond
 
Internet Accessible ICS in Japan (English)
Internet Accessible ICS in Japan (English)Internet Accessible ICS in Japan (English)
Internet Accessible ICS in Japan (English)Digital Bond
 
Accelerating OT - A Case Study
Accelerating OT - A Case StudyAccelerating OT - A Case Study
Accelerating OT - A Case StudyDigital Bond
 
Incubation of ICS Malware (English)
Incubation of ICS Malware (English)Incubation of ICS Malware (English)
Incubation of ICS Malware (English)Digital Bond
 
S4xJapan Closing Keynote
S4xJapan Closing KeynoteS4xJapan Closing Keynote
S4xJapan Closing KeynoteDigital Bond
 
Threats, Vulnerabilities & Security measures in Linux
Threats, Vulnerabilities & Security measures in LinuxThreats, Vulnerabilities & Security measures in Linux
Threats, Vulnerabilities & Security measures in LinuxAmitesh Bharti
 
Attacking and Defending Autos Via OBD-II from escar Asia
Attacking and Defending Autos Via OBD-II from escar AsiaAttacking and Defending Autos Via OBD-II from escar Asia
Attacking and Defending Autos Via OBD-II from escar AsiaDigital Bond
 
Vulnerability Inheritance in ICS (English)
Vulnerability Inheritance in ICS (English)Vulnerability Inheritance in ICS (English)
Vulnerability Inheritance in ICS (English)Digital Bond
 
Dynamic Zoning Based On Situational Activity in ICS (Japanese)
Dynamic Zoning Based On Situational Activity in ICS (Japanese)Dynamic Zoning Based On Situational Activity in ICS (Japanese)
Dynamic Zoning Based On Situational Activity in ICS (Japanese)Digital Bond
 

Viewers also liked (20)

Windows security context
Windows security contextWindows security context
Windows security context
 
Windows Security
Windows Security Windows Security
Windows Security
 
Windows Server 8 Security Improvement
Windows Server 8 Security ImprovementWindows Server 8 Security Improvement
Windows Server 8 Security Improvement
 
Beyond the Pentest: How C2, Internal Pivoting, and Data Exfiltration Show Tru...
Beyond the Pentest: How C2, Internal Pivoting, and Data Exfiltration Show Tru...Beyond the Pentest: How C2, Internal Pivoting, and Data Exfiltration Show Tru...
Beyond the Pentest: How C2, Internal Pivoting, and Data Exfiltration Show Tru...
 
Windows 7 professional Vs Windows 7 enterprise
Windows 7 professional Vs Windows 7 enterpriseWindows 7 professional Vs Windows 7 enterprise
Windows 7 professional Vs Windows 7 enterprise
 
Protecting Windows Passwords and Preventing Windows Computer / Password Attacks
Protecting Windows Passwords and Preventing Windows Computer / Password AttacksProtecting Windows Passwords and Preventing Windows Computer / Password Attacks
Protecting Windows Passwords and Preventing Windows Computer / Password Attacks
 
Decrypting the security mystery with SIEM (Part 2) ​
Decrypting the security mystery with SIEM (Part 2) ​Decrypting the security mystery with SIEM (Part 2) ​
Decrypting the security mystery with SIEM (Part 2) ​
 
44CON London 2015: NTFS Analysis with PowerForensics
44CON London 2015: NTFS Analysis with PowerForensics44CON London 2015: NTFS Analysis with PowerForensics
44CON London 2015: NTFS Analysis with PowerForensics
 
linux security: interact with linux
linux security: interact with linuxlinux security: interact with linux
linux security: interact with linux
 
The top 10 windows logs event id's used v1.0
The top 10 windows logs event id's used v1.0The top 10 windows logs event id's used v1.0
The top 10 windows logs event id's used v1.0
 
Windows Service Hardening
Windows Service HardeningWindows Service Hardening
Windows Service Hardening
 
The RIPE Experience
The RIPE ExperienceThe RIPE Experience
The RIPE Experience
 
Internet Accessible ICS in Japan (English)
Internet Accessible ICS in Japan (English)Internet Accessible ICS in Japan (English)
Internet Accessible ICS in Japan (English)
 
Accelerating OT - A Case Study
Accelerating OT - A Case StudyAccelerating OT - A Case Study
Accelerating OT - A Case Study
 
Incubation of ICS Malware (English)
Incubation of ICS Malware (English)Incubation of ICS Malware (English)
Incubation of ICS Malware (English)
 
S4xJapan Closing Keynote
S4xJapan Closing KeynoteS4xJapan Closing Keynote
S4xJapan Closing Keynote
 
Threats, Vulnerabilities & Security measures in Linux
Threats, Vulnerabilities & Security measures in LinuxThreats, Vulnerabilities & Security measures in Linux
Threats, Vulnerabilities & Security measures in Linux
 
Attacking and Defending Autos Via OBD-II from escar Asia
Attacking and Defending Autos Via OBD-II from escar AsiaAttacking and Defending Autos Via OBD-II from escar Asia
Attacking and Defending Autos Via OBD-II from escar Asia
 
Vulnerability Inheritance in ICS (English)
Vulnerability Inheritance in ICS (English)Vulnerability Inheritance in ICS (English)
Vulnerability Inheritance in ICS (English)
 
Dynamic Zoning Based On Situational Activity in ICS (Japanese)
Dynamic Zoning Based On Situational Activity in ICS (Japanese)Dynamic Zoning Based On Situational Activity in ICS (Japanese)
Dynamic Zoning Based On Situational Activity in ICS (Japanese)
 

Similar to 12 Crucial Windows Security Skills for 2017

N3XAsec CPTE plan de estudios detallado
N3XAsec CPTE plan de estudios detalladoN3XAsec CPTE plan de estudios detallado
N3XAsec CPTE plan de estudios detalladoRafael Seg
 
So... you want to be a security consultant
So... you want to be a security consultant So... you want to be a security consultant
So... you want to be a security consultant abnmi
 
Ask me anything: A Conversational Interface to Augment Information Security w...
Ask me anything: A Conversational Interface to Augment Information Security w...Ask me anything: A Conversational Interface to Augment Information Security w...
Ask me anything: A Conversational Interface to Augment Information Security w...Matthew Park
 
1.Security Overview And Patching
1.Security Overview And Patching1.Security Overview And Patching
1.Security Overview And Patchingphanleson
 
Password Attack
Password Attack Password Attack
Password Attack Sina Manavi
 
Blackhat 2014 Conference and Defcon 22
Blackhat 2014 Conference and Defcon 22 Blackhat 2014 Conference and Defcon 22
Blackhat 2014 Conference and Defcon 22 dandb-technology
 
3.Secure Design Principles And Process
3.Secure Design Principles And Process3.Secure Design Principles And Process
3.Secure Design Principles And Processphanleson
 
Charting a Career in Information Security - August 2020
Charting a Career in Information Security - August 2020Charting a Career in Information Security - August 2020
Charting a Career in Information Security - August 2020JayTymchuk
 
Introduction to Cybersecurity | IIT(BHU)CyberSec
Introduction to Cybersecurity | IIT(BHU)CyberSecIntroduction to Cybersecurity | IIT(BHU)CyberSec
Introduction to Cybersecurity | IIT(BHU)CyberSecYashSomalkar
 
Security engineering 101 when good design & security work together
Security engineering 101 when good design & security work togetherSecurity engineering 101 when good design & security work together
Security engineering 101 when good design & security work togetherWendy Knox Everette
 
Vulnerability Management: How to Think Like a Hacker to Reduce Risk
Vulnerability Management: How to Think Like a Hacker to Reduce RiskVulnerability Management: How to Think Like a Hacker to Reduce Risk
Vulnerability Management: How to Think Like a Hacker to Reduce RiskBeyondTrust
 
UX Workshop: How to design a product with great user experience
UX Workshop: How to design a product with great user experienceUX Workshop: How to design a product with great user experience
UX Workshop: How to design a product with great user experienceRaj Lal
 
Security Fundamentals and Threat Modelling
Security Fundamentals and Threat ModellingSecurity Fundamentals and Threat Modelling
Security Fundamentals and Threat ModellingKnoldus Inc.
 
Agile Secure Development
Agile Secure DevelopmentAgile Secure Development
Agile Secure DevelopmentBosnia Agile
 
MN502Overview of Network SecurityPage 6 of 6Assessment D.docx
MN502Overview of Network SecurityPage 6 of 6Assessment D.docxMN502Overview of Network SecurityPage 6 of 6Assessment D.docx
MN502Overview of Network SecurityPage 6 of 6Assessment D.docxraju957290
 
How to become a SOC Analyst and build a dream career with it.pptx
How to become a SOC Analyst and build a dream career with it.pptxHow to become a SOC Analyst and build a dream career with it.pptx
How to become a SOC Analyst and build a dream career with it.pptxInfosectrain3
 

Similar to 12 Crucial Windows Security Skills for 2017 (20)

N3XAsec CPTE plan de estudios detallado
N3XAsec CPTE plan de estudios detalladoN3XAsec CPTE plan de estudios detallado
N3XAsec CPTE plan de estudios detallado
 
So... you want to be a security consultant
So... you want to be a security consultant So... you want to be a security consultant
So... you want to be a security consultant
 
Lessonplan-1 (1).docx
Lessonplan-1 (1).docxLessonplan-1 (1).docx
Lessonplan-1 (1).docx
 
Lessonplan-1.docx
Lessonplan-1.docxLessonplan-1.docx
Lessonplan-1.docx
 
Ask me anything: A Conversational Interface to Augment Information Security w...
Ask me anything: A Conversational Interface to Augment Information Security w...Ask me anything: A Conversational Interface to Augment Information Security w...
Ask me anything: A Conversational Interface to Augment Information Security w...
 
1.Security Overview And Patching
1.Security Overview And Patching1.Security Overview And Patching
1.Security Overview And Patching
 
Password Attack
Password Attack Password Attack
Password Attack
 
Blackhat 2014 Conference and Defcon 22
Blackhat 2014 Conference and Defcon 22 Blackhat 2014 Conference and Defcon 22
Blackhat 2014 Conference and Defcon 22
 
3.Secure Design Principles And Process
3.Secure Design Principles And Process3.Secure Design Principles And Process
3.Secure Design Principles And Process
 
Charting a Career in Information Security - August 2020
Charting a Career in Information Security - August 2020Charting a Career in Information Security - August 2020
Charting a Career in Information Security - August 2020
 
Introduction to Cybersecurity | IIT(BHU)CyberSec
Introduction to Cybersecurity | IIT(BHU)CyberSecIntroduction to Cybersecurity | IIT(BHU)CyberSec
Introduction to Cybersecurity | IIT(BHU)CyberSec
 
Security engineering 101 when good design & security work together
Security engineering 101 when good design & security work togetherSecurity engineering 101 when good design & security work together
Security engineering 101 when good design & security work together
 
New Horizons SCYBER Presentation
New Horizons SCYBER PresentationNew Horizons SCYBER Presentation
New Horizons SCYBER Presentation
 
Vulnerability Management: How to Think Like a Hacker to Reduce Risk
Vulnerability Management: How to Think Like a Hacker to Reduce RiskVulnerability Management: How to Think Like a Hacker to Reduce Risk
Vulnerability Management: How to Think Like a Hacker to Reduce Risk
 
UX Workshop: How to design a product with great user experience
UX Workshop: How to design a product with great user experienceUX Workshop: How to design a product with great user experience
UX Workshop: How to design a product with great user experience
 
Security Fundamentals and Threat Modelling
Security Fundamentals and Threat ModellingSecurity Fundamentals and Threat Modelling
Security Fundamentals and Threat Modelling
 
Agile Secure Development
Agile Secure DevelopmentAgile Secure Development
Agile Secure Development
 
ceh pdf work.pdf
ceh pdf work.pdfceh pdf work.pdf
ceh pdf work.pdf
 
MN502Overview of Network SecurityPage 6 of 6Assessment D.docx
MN502Overview of Network SecurityPage 6 of 6Assessment D.docxMN502Overview of Network SecurityPage 6 of 6Assessment D.docx
MN502Overview of Network SecurityPage 6 of 6Assessment D.docx
 
How to become a SOC Analyst and build a dream career with it.pptx
How to become a SOC Analyst and build a dream career with it.pptxHow to become a SOC Analyst and build a dream career with it.pptx
How to become a SOC Analyst and build a dream career with it.pptx
 

Recently uploaded

The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxheathfieldcps1
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfciinovamais
 
Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Disha Kariya
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfJayanti Pande
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphThiyagu K
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104misteraugie
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactdawncurless
 
Class 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdfClass 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdfAyushMahapatra5
 
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...fonyou31
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...EduSkills OECD
 
Disha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdfDisha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdfchloefrazer622
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsTechSoup
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxiammrhaywood
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3JemimahLaneBuaron
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)eniolaolutunde
 
social pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajansocial pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajanpragatimahajan3
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfchloefrazer622
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDThiyagu K
 

Recently uploaded (20)

The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
 
Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
 
Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdf
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot Graph
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impact
 
Class 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdfClass 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdf
 
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
 
Disha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdfDisha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdf
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The Basics
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)
 
social pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajansocial pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajan
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdf
 
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptxINDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SD
 

12 Crucial Windows Security Skills for 2017

  • 1. 12 Crucial Windows Security Skills for 2017 Paula Januszkiewicz CQURE: CEO, Penetration Tester; Security Expert CQURE Academy: Trainer MVP: Enterprise Security, MCT Greg Tworek CQURE: CTO, Security Expert CQURE Academy: Trainer MVP: Enterprise Security, MCT
  • 2. What does CQURE do? Consulting Services: Extensive IT Security Audits and Penetration Tests of all kinds Configuration Audit and Architecture Design Social Engineering Tests Advanced Troubleshooting and Debugging Emergency Response Services R&D & Publications Trainings & Seminars: Offline (mainly in New York or via our partners worldwide) Online (you will hear more about it in the end of this Webinar)
  • 4. To ensure the good quality of your experience: 1. If you have problems with viewing the Webinar try refreshing the page first or try another browser. 2. If problems persist please let us know in the comment section or on info@cqureacademy.com. 3. If there will be connection or software problem, please look into your email box or fb.com/cqure for instructions. 4. We will be taking questions at the end of the Webinar during Q and A session so write them down!
  • 5. What can you expect today? 1. The BIG REVEAL of 12 skills that our CQURE team has identified as crucial to keep your IT safe in 2017. 2. Live demonstrations! 3. Tips on how you learn this stuff on your own. 4. A hacking challenge with a cool prize :) 5. Live Q&A with me and the CQURE Team. 6. You will get files of all the tools we will be using here!
  • 6. What was your score in our Windows Security QUIZ - share in the comment section!
  • 7. According to the industry’s statistics, by 2019 the market will need 6 mln security professionals. But only 4 to 5 million of them will have the needed qualifications. *Source: Financial Times
  • 8. 12 Crucial Windows Security Skills for 2017
  • 9. #1 Skill: Machine Learning for Threat Protection Forexample:Whatif weuseacustomreflectivePELoadertocreateandruncustomcode?
  • 10. #2A Skill: Incident Response Plan Action list In case of emergency situation: allows to act reasonably and according to the plan Increases chances that evidence is gathered properly Allows to define responsibilities for recovery Discussions provide management with understanding of security Jump Bag: preserving evidence Disk data: Disk2VHD, WinDD, FTK Imager Memory dumps: DumpIT, Mdd, Mandiant tools, LiME, OSXPMem Centralization of the event logs Pre-incident steps: use Sysmon for better knowledge about processes and network
  • 11. #2B Skill: Malware Analysis Sandbox
  • 12. #3 Skill: Whitelisting Code execution prevention It is an absolute necessity taking into consideration the current security trends PowerShell is a new hacking tool Scripting languages are the biggest threat Ransomware can be in a form of PowerShell script Just Enough Administration: PowerShell should be blocked for users and limited for helpdesk to use the necessary commands It is necessary to know what executes on your servers Sysmon is perfect for this AppLocker / DeviceGuard in the audit mode
  • 13. #4 Skill: Privileged Access Management Access Monitoring / Effective Access We need to know about who and where has access to Access should be role driven
  • 14. First CQURE Academy Challenge! 1. 2. 3. 4. 5.
  • 15. #5 Skill: Well done PKI Implementation Pretty much every time we do an audit we see incorrectly implemented PKI Certificates are or can be used in most of the modern services Be aware of the newest security trends in the certificate services Smart card logon can be bypassed Private key that is not exportable is… exportable CQURE discovery: SID-protected PFX files can be access to by unauthorized users
  • 16. What is the most popular attack right now?
  • 17. User: Adm... Hash:E1977 Fred’s Laptop Fred’s User Session User: Fred Password hash: A3D7… Sue’s Laptop Sue’s User Session Pass The Hash Technique Malware Session User: Administrator Password hash: E1977… Malware User Session User: Adm… Hash: E1977 User: Sue Hash: C9DF User: Sue Password hash: C9DF… File Server User: Sue Hash:C9DF 1 3 4 1. FRED RUNS MALWARE, HE IS A LOCAL ADMINISTRATOR 2. THERE IS A PASS THE HASH SESSION ESTABLISHED WITH ANOTHER COMPUTER 3. MALWARE INFECTS SUE’S LAPTOP AS FRED 4. MALWARE INFECTS FILE SERVER AS SUE 2
  • 18. #6 Hardware-based Credentials Protection Virtual Secure Mode (VSM) VSM isolates sensitive Windows processes in a hardware based Hyper-V container VSM protects VSM kernel and Trustlets even if Windows Kernel is fully compromised Requires processor virtualization extensions (e.g.: VT-X, VT-D) Implements Credential Guard where derived credentials that VSM protected LSA Service gives to Windows are non-replayable VSM runs the Windows Kernel and a series of Trustlets (Processes) within it
  • 19. #7 Skill: PowerShell Level Master PowerShell implements great automation (and hacking tool) Some solutions are managed by Powershell only (Nano, IoT) Experience shows that administrators try to avoid it – especially these ones with great experience There are so many custom modules available: PowerForensics, AccessControl etc. You can create your own customized modules
  • 20. #8 Skill: Learn How to Talk Security to Managers Sad facts Photo: the New York Times Magazine
  • 21. #9 Skill: Event Tracing For Windows
  • 22. Second CQURE Academy Challenge http://challenge.cqureacademy.com/test.txt Task:
  • 23. #10 Skill: Log Centralization Available solutions
  • 24. #11 Skill: Mastered Windows Server 2016
  • 25. #12 Skill: Testing Yourself When You Can
  • 26. 12 Crucial Windows Security Skills for 2017
  • 27. #1 Skill: Machine Learning for Threat Protection Implementation of the process execution prevention (AppLocker etc.) #2A Skill: Incident Response Plan #2B Skill: Malware Analysis Sandbox #3 Skill: Whitelisting #4 Skill: Privileged Access Management #5 Skill: Working PKI Implementation #6 Skill: Hardware-based Credentials Protection 1 - 6
  • 28. #7 Skill: PowerShell Level Master #8 Skill: Learn How to Talk Security to Managers #9 Skill: Event Tracing For Windows #10 Skill: Log Centralization #11 Skill: Mastered Windows Server 2016 #12 Skill: Testing Yourself When You Can 7 - 12
  • 29. Summary: Best Practices Understanding is the key to security Continuous vulnerability discovery Context-Aware Analysis Prioritization Remediation and Tracking Configuration reviews Put on the Hacker’s Shoes Prevention is the key to success
  • 30. Additional Resources Websites Microsoft Virtual Academy Ars Technica The Register The Hacker News Dark Reading Krebs on Security Computer World Threat Post Beta News Tech News World Tech Crunch ZDNetSecurity Affairs Computer Weekly Network World SC Magazine Wired Schneier on Security Elie Bursztein Books ‘Windows Internals’ ‘Inside Windows Debugging’ ‘Advanced Debugging for Windows’ ‘Practical Malware Analysis’ ‘Malware Analyst's Cookbook’
  • 31.
  • 32.
  • 33. Key facts about the Advanced Windows Security Course For 2017: 1. ONCE A YEAR ONLY (each year it will be adjusted to meet the upcoming trends). 2. 12 Live Online Sessions with Paula and other experts from CQURE Academy (mostly Tuesday and Thursday, 7PM CEST / 1PM EST / 10AM PST). 3. Video recordings of sessions, slides, scripts & tools included. 4. Closed students group on Facebook (where you can exchange ideas and network). 5. Free access to CQURE Lab (where you will practice and do homework).
  • 34. The course finishes with an exam. If you pass (you get at least 70% answers correct) you will get our CQURE Academy CERTIFICATE: Windows Security Master 2017
  • 35.
  • 36. Tuition: $2,850 $1,900 ~ If you apply before end of Monday October 31 ~
  • 37. About the application process: 1. This is for professionals who’ve passed the intermediate level. We’ll skip the fluff and go straight to the advanced stuff. 2. Admission is selective - to attend you need to APPLY. 3. We prioritize: your skills and professional achievements, but also your attitude and how you can contribute to the group. 4. We’ll be taking on board 200 students only (we did soft launch at Microsoft Ignite and only 100 are still available). 5. If you apply before Monday midnight, you will secure a lower tuition fee of $1,900 (instead of $2850).
  • 38.
  • 39. The Prize For Hackers Who Won Today’s Challenge: A free seat at “Advanced Windows Security Course For 2017” (worth $2,850!)
  • 40. Q and A Time!
  • 41. Thank You! If you have questions email us at info@cqureacademy.com You can also chat us up on the page https://cqureacademy.com/advanced2017