SlideShare a Scribd company logo

RSA Conference 2017 session: Hacker’s Perspective on Your Windows Infrastructure: Mandatory Check List

Paula Januszkiewicz
Paula Januszkiewicz

If there is a weakness in your IT security system, wouldn’t it be better to find it before someone else does? As long as we are aware about the value of the resources to be protected, why don’t we put ourselves into the hacker’s role and perform like they do? You will become familiar with the mandatory tasks that are performed by hackers to check for misconfigurations and vulnerabilities.

Education
1 of 21
SESSION ID:SESSION ID: #RSAC Paula Januszkiewicz Hacker’s Perspective on Your Windows Infrastructure: Mandatory Check List TECH-W10 CEO, Security Expert, Penetration Tester & Trainer, MVP CQURE @paulacqure | paula@cqure.us
#RSAC
#RSAC
#RSAC Agenda
#RSAC Session Goal Be familiar with the possibilities of the operating system From the user mode and kernel mode We are NOT talking about the forensics! … just doing a little hacking + conclusions My goal: See one of the ways hacker can act
#RSAC Agenda
#RSAC Know your victim
#RSAC Know the services
#RSAC Attack Users Users Users rarely have software up to date Awareness issues ... But for hacker it may be not enough Administrators Local account Password reuse for workstations Different password for workstations Domain account Domain user being local administrator Domain administrator
#RSAC The meaning of scripts
#RSAC Make your backdoor persistent Services DLLs Startup (Menu Start) Task Scheduler LSA Providers Run, Run Once GPO Notification Package Winlogon Image Hijacking Drivers Etc.
#RSAC Stay Persistent
#RSAC Stay undetected If you are not ready to attack: stay stealth and do not change the system behavior Hide your traces Processes Files Infrastructure performance Network traffic Server / Client Platform Performance
#RSAC Stay undetected
#RSAC Leverage your position
#RSAC Victim Recon
#RSAC Use victims to attack more targets Create the remotely controlled network Automate next scans Create your own botnet What can be the hacker’s goal in your infrastructure?
#RSAC Agenda
#RSAC Apply Offline access protection, implementation of solutions like BitLocker. Implementation of the process execution prevention (AppLocker etc.) Log centralization, log reviews - searching for the anomalies, certain log error codes. Performing the regular audits of code running on the servers (fe. Autoruns). Maintenance: Backup implementation and regular updating. Review of the services running on the accounts that are not built in. Change them to gMSAs where possible, set up SPNs. Get rid of NETBIOS. Try to avoid NTLMv2, especially if you do not have AppLocker in place or SMB Signing. Client protection: Implement of the anti-exploit solutions.
#RSAC Apply What You Have Learned Today Next week you should: Implement Local Admin Password Management or other password management solution Build the plan of the periodical configuration reviews and penetration tests (security checks) In the first three months following this presentation you should: Implement the Security Awareness Program among employees and technical training for administrators Review the configuration of client-side firewall and enabling the programs that can communicate through the network Limit of the amount of services running on the servers (SCW and manual activities) Within six month you should: Implement scoping (role management) for permissions and employee roles (SQL Admins, Server Admins etc.) Review network segmentation (+ IPSec Isolation, DNSSec etc.)
#RSAC Apply What You Have Learned Today Next week you should: Implement Local Admin Password Management or other password management solution Build the plan of the periodical configuration reviews and penetration tests (security checks) In the first three months following this presentation you should: Implement the Security Awareness Program among employees and technical training for administrators Review the configuration of client-side firewall and enabling the programs that can communicate through the network Limit of the amount of services running on the servers (SCW and manual activities) Within six month you should: Implement scoping (role management) for permissions and employee roles (SQL Admins, Server Admins etc.) Review network segmentation (+ IPSec Isolation, DNSSec etc.)

Recommended

12 Crucial Windows Security Skills for 2017
12 Crucial Windows Security Skills for 201712 Crucial Windows Security Skills for 2017
12 Crucial Windows Security Skills for 2017Paula Januszkiewicz
 
The hacker playbook: How to think and act like a cybercriminal to reduce risk...
The hacker playbook: How to think and act like a cybercriminal to reduce risk...The hacker playbook: How to think and act like a cybercriminal to reduce risk...
The hacker playbook: How to think and act like a cybercriminal to reduce risk...Paula Januszkiewicz
 
12 Crucial Windows Security Skills for 2018
12 Crucial Windows Security Skills for 201812 Crucial Windows Security Skills for 2018
12 Crucial Windows Security Skills for 2018Paula Januszkiewicz
 
rsa-usa-2019-keynote-paula-januszkiewicz
rsa-usa-2019-keynote-paula-januszkiewiczrsa-usa-2019-keynote-paula-januszkiewicz
rsa-usa-2019-keynote-paula-januszkiewiczPaula Januszkiewicz
 
Top 10 ways to make hackers excited: All about the shortcuts not worth taking
Top 10 ways to make hackers excited: All about the shortcuts not worth takingTop 10 ways to make hackers excited: All about the shortcuts not worth taking
Top 10 ways to make hackers excited: All about the shortcuts not worth takingPaula Januszkiewicz
 
30 Cybersecurity Skills You Need To Become a Windows Security Pro
30 Cybersecurity Skills You Need To Become a Windows Security Pro 30 Cybersecurity Skills You Need To Become a Windows Security Pro
30 Cybersecurity Skills You Need To Become a Windows Security Pro Paula Januszkiewicz
 
Top 10 Ways To Make Hackers Excited: All About The Shortcuts Not Worth Taking
Top 10 Ways To Make Hackers Excited: All About The Shortcuts Not Worth TakingTop 10 Ways To Make Hackers Excited: All About The Shortcuts Not Worth Taking
Top 10 Ways To Make Hackers Excited: All About The Shortcuts Not Worth TakingPaula Januszkiewicz
 
Microsoft Ignite session: Look under the hood: bypassing antimalware tactics ...
Microsoft Ignite session: Look under the hood: bypassing antimalware tactics ...Microsoft Ignite session: Look under the hood: bypassing antimalware tactics ...
Microsoft Ignite session: Look under the hood: bypassing antimalware tactics ...Paula Januszkiewicz
 

Recommended

12 Crucial Windows Security Skills for 2017
12 Crucial Windows Security Skills for 201712 Crucial Windows Security Skills for 2017
12 Crucial Windows Security Skills for 2017Paula Januszkiewicz
 
The hacker playbook: How to think and act like a cybercriminal to reduce risk...
The hacker playbook: How to think and act like a cybercriminal to reduce risk...The hacker playbook: How to think and act like a cybercriminal to reduce risk...
The hacker playbook: How to think and act like a cybercriminal to reduce risk...Paula Januszkiewicz
 
12 Crucial Windows Security Skills for 2018
12 Crucial Windows Security Skills for 201812 Crucial Windows Security Skills for 2018
12 Crucial Windows Security Skills for 2018Paula Januszkiewicz
 
rsa-usa-2019-keynote-paula-januszkiewicz
rsa-usa-2019-keynote-paula-januszkiewiczrsa-usa-2019-keynote-paula-januszkiewicz
rsa-usa-2019-keynote-paula-januszkiewiczPaula Januszkiewicz
 
Top 10 ways to make hackers excited: All about the shortcuts not worth taking
Top 10 ways to make hackers excited: All about the shortcuts not worth takingTop 10 ways to make hackers excited: All about the shortcuts not worth taking
Top 10 ways to make hackers excited: All about the shortcuts not worth takingPaula Januszkiewicz
 
30 Cybersecurity Skills You Need To Become a Windows Security Pro
30 Cybersecurity Skills You Need To Become a Windows Security Pro 30 Cybersecurity Skills You Need To Become a Windows Security Pro
30 Cybersecurity Skills You Need To Become a Windows Security Pro Paula Januszkiewicz
 
Top 10 Ways To Make Hackers Excited: All About The Shortcuts Not Worth Taking
Top 10 Ways To Make Hackers Excited: All About The Shortcuts Not Worth TakingTop 10 Ways To Make Hackers Excited: All About The Shortcuts Not Worth Taking
Top 10 Ways To Make Hackers Excited: All About The Shortcuts Not Worth TakingPaula Januszkiewicz
 
Microsoft Ignite session: Look under the hood: bypassing antimalware tactics ...
Microsoft Ignite session: Look under the hood: bypassing antimalware tactics ...Microsoft Ignite session: Look under the hood: bypassing antimalware tactics ...
Microsoft Ignite session: Look under the hood: bypassing antimalware tactics ...Paula Januszkiewicz
 
Microsoft Ignite session: Explore adventures in the underland: forensic techn...
Microsoft Ignite session: Explore adventures in the underland: forensic techn...Microsoft Ignite session: Explore adventures in the underland: forensic techn...
Microsoft Ignite session: Explore adventures in the underland: forensic techn...Paula Januszkiewicz
 
RSA Conference 2017 session: What System Stores on the Disk Without Telling You
RSA Conference 2017 session: What System Stores on the Disk Without Telling YouRSA Conference 2017 session: What System Stores on the Disk Without Telling You
RSA Conference 2017 session: What System Stores on the Disk Without Telling YouPaula Januszkiewicz
 
RSA 2018: Adventures in the Underland: Techniques against Hackers Evading the...
RSA 2018: Adventures in the Underland: Techniques against Hackers Evading the...RSA 2018: Adventures in the Underland: Techniques against Hackers Evading the...
RSA 2018: Adventures in the Underland: Techniques against Hackers Evading the...Paula Januszkiewicz
 
Gartner Security & Risk Management Summit 2018
Gartner Security & Risk Management Summit 2018Gartner Security & Risk Management Summit 2018
Gartner Security & Risk Management Summit 2018Paula Januszkiewicz
 
Fatal signs: 10 symptoms when you think you’ve been hacked
Fatal signs: 10 symptoms when you think you’ve been hackedFatal signs: 10 symptoms when you think you’ve been hacked
Fatal signs: 10 symptoms when you think you’ve been hackedPaula Januszkiewicz
 
Dear Hacker: Infrastructure Security Reality Check
Dear Hacker: Infrastructure Security Reality CheckDear Hacker: Infrastructure Security Reality Check
Dear Hacker: Infrastructure Security Reality CheckPaula Januszkiewicz
 
Top 10 mobile security risks - Khổng Văn Cường
Top 10 mobile security risks - Khổng Văn CườngTop 10 mobile security risks - Khổng Văn Cường
Top 10 mobile security risks - Khổng Văn CườngVõ Thái Lâm
 
Adventures in Underland: Is encryption solid as a rock or a handful of dust?
Adventures in Underland: Is encryption solid as a rock or a handful of dust?Adventures in Underland: Is encryption solid as a rock or a handful of dust?
Adventures in Underland: Is encryption solid as a rock or a handful of dust?Paula Januszkiewicz
 
AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...
AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...
AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...AlienVault
 
Hardening Database Server
Hardening Database ServerHardening Database Server
Hardening Database ServerFahri Firdausillah
 
BlueHat v17 || “_____ Is Not a Security Boundary." Things I Have Learned and...
BlueHat v17 || “_____ Is Not a Security Boundary." Things I Have Learned and...BlueHat v17 || “_____ Is Not a Security Boundary." Things I Have Learned and...
BlueHat v17 || “_____ Is Not a Security Boundary." Things I Have Learned and...BlueHat Security Conference
 
BlueHat v18 || May i see your credentials, please
BlueHat v18 || May i see your credentials, pleaseBlueHat v18 || May i see your credentials, please
BlueHat v18 || May i see your credentials, pleaseBlueHat Security Conference
 
Content Security Policy - Lessons learned at Yahoo
Content Security Policy - Lessons learned at YahooContent Security Policy - Lessons learned at Yahoo
Content Security Policy - Lessons learned at YahooBinu Ramakrishnan
 
Windows network
Windows networkWindows network
Windows networkJithesh Nair
 
Shields up - improving web application security
Shields up - improving web application securityShields up - improving web application security
Shields up - improving web application securityKonstantin Mirin
 
Hacker techniques for bypassing existing antivirus solutions & how to build a...
Hacker techniques for bypassing existing antivirus solutions & how to build a...Hacker techniques for bypassing existing antivirus solutions & how to build a...
Hacker techniques for bypassing existing antivirus solutions & how to build a...BeyondTrust
 
New OSSIM v5.0 - Get Security Visibility Faster & Easier Than Ever
New OSSIM v5.0 - Get Security Visibility Faster & Easier Than Ever New OSSIM v5.0 - Get Security Visibility Faster & Easier Than Ever
New OSSIM v5.0 - Get Security Visibility Faster & Easier Than EverAlienVault
 
Virtual Networking Security - Network Security
Virtual Networking Security - Network SecurityVirtual Networking Security - Network Security
Virtual Networking Security - Network SecurityEng Teong Cheah
 
BlueHat v17 || Where, how, and why is SSL traffic on mobile getting intercept...
BlueHat v17 || Where, how, and why is SSL traffic on mobile getting intercept...BlueHat v17 || Where, how, and why is SSL traffic on mobile getting intercept...
BlueHat v17 || Where, how, and why is SSL traffic on mobile getting intercept...BlueHat Security Conference
 
BlueHat v17 || Down the Open Source Software Rabbit Hole
BlueHat v17 || Down the Open Source Software Rabbit Hole BlueHat v17 || Down the Open Source Software Rabbit Hole
BlueHat v17 || Down the Open Source Software Rabbit Hole BlueHat Security Conference
 
The RIPE Experience
The RIPE ExperienceThe RIPE Experience
The RIPE ExperienceDigital Bond
 
Windows Service Hardening
Windows Service HardeningWindows Service Hardening
Windows Service HardeningDigital Bond
 

More Related Content

What's hot

Microsoft Ignite session: Explore adventures in the underland: forensic techn...
Microsoft Ignite session: Explore adventures in the underland: forensic techn...Microsoft Ignite session: Explore adventures in the underland: forensic techn...
Microsoft Ignite session: Explore adventures in the underland: forensic techn...Paula Januszkiewicz
 
RSA Conference 2017 session: What System Stores on the Disk Without Telling You
RSA Conference 2017 session: What System Stores on the Disk Without Telling YouRSA Conference 2017 session: What System Stores on the Disk Without Telling You
RSA Conference 2017 session: What System Stores on the Disk Without Telling YouPaula Januszkiewicz
 
RSA 2018: Adventures in the Underland: Techniques against Hackers Evading the...
RSA 2018: Adventures in the Underland: Techniques against Hackers Evading the...RSA 2018: Adventures in the Underland: Techniques against Hackers Evading the...
RSA 2018: Adventures in the Underland: Techniques against Hackers Evading the...Paula Januszkiewicz
 
Gartner Security & Risk Management Summit 2018
Gartner Security & Risk Management Summit 2018Gartner Security & Risk Management Summit 2018
Gartner Security & Risk Management Summit 2018Paula Januszkiewicz
 
Fatal signs: 10 symptoms when you think you’ve been hacked
Fatal signs: 10 symptoms when you think you’ve been hackedFatal signs: 10 symptoms when you think you’ve been hacked
Fatal signs: 10 symptoms when you think you’ve been hackedPaula Januszkiewicz
 
Dear Hacker: Infrastructure Security Reality Check
Dear Hacker: Infrastructure Security Reality CheckDear Hacker: Infrastructure Security Reality Check
Dear Hacker: Infrastructure Security Reality CheckPaula Januszkiewicz
 
Top 10 mobile security risks - Khổng Văn Cường
Top 10 mobile security risks - Khổng Văn CườngTop 10 mobile security risks - Khổng Văn Cường
Top 10 mobile security risks - Khổng Văn CườngVõ Thái Lâm
 
Adventures in Underland: Is encryption solid as a rock or a handful of dust?
Adventures in Underland: Is encryption solid as a rock or a handful of dust?Adventures in Underland: Is encryption solid as a rock or a handful of dust?
Adventures in Underland: Is encryption solid as a rock or a handful of dust?Paula Januszkiewicz
 
AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...
AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...
AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...AlienVault
 
BlueHat v17 || “_____ Is Not a Security Boundary." Things I Have Learned and...
BlueHat v17 || “_____ Is Not a Security Boundary." Things I Have Learned and...BlueHat v17 || “_____ Is Not a Security Boundary." Things I Have Learned and...
BlueHat v17 || “_____ Is Not a Security Boundary." Things I Have Learned and...BlueHat Security Conference
 
BlueHat v18 || May i see your credentials, please
BlueHat v18 || May i see your credentials, pleaseBlueHat v18 || May i see your credentials, please
BlueHat v18 || May i see your credentials, pleaseBlueHat Security Conference
 
Content Security Policy - Lessons learned at Yahoo
Content Security Policy - Lessons learned at YahooContent Security Policy - Lessons learned at Yahoo
Content Security Policy - Lessons learned at YahooBinu Ramakrishnan
 
Shields up - improving web application security
Shields up - improving web application securityShields up - improving web application security
Shields up - improving web application securityKonstantin Mirin
 
Hacker techniques for bypassing existing antivirus solutions & how to build a...
Hacker techniques for bypassing existing antivirus solutions & how to build a...Hacker techniques for bypassing existing antivirus solutions & how to build a...
Hacker techniques for bypassing existing antivirus solutions & how to build a...BeyondTrust
 
New OSSIM v5.0 - Get Security Visibility Faster & Easier Than Ever
New OSSIM v5.0 - Get Security Visibility Faster & Easier Than Ever New OSSIM v5.0 - Get Security Visibility Faster & Easier Than Ever
New OSSIM v5.0 - Get Security Visibility Faster & Easier Than EverAlienVault
 
Virtual Networking Security - Network Security
Virtual Networking Security - Network SecurityVirtual Networking Security - Network Security
Virtual Networking Security - Network SecurityEng Teong Cheah
 
BlueHat v17 || Where, how, and why is SSL traffic on mobile getting intercept...
BlueHat v17 || Where, how, and why is SSL traffic on mobile getting intercept...BlueHat v17 || Where, how, and why is SSL traffic on mobile getting intercept...
BlueHat v17 || Where, how, and why is SSL traffic on mobile getting intercept...BlueHat Security Conference
 
BlueHat v17 || Down the Open Source Software Rabbit Hole
BlueHat v17 || Down the Open Source Software Rabbit Hole BlueHat v17 || Down the Open Source Software Rabbit Hole
BlueHat v17 || Down the Open Source Software Rabbit Hole BlueHat Security Conference
 

What's hot (20)

Microsoft Ignite session: Explore adventures in the underland: forensic techn...
Microsoft Ignite session: Explore adventures in the underland: forensic techn...Microsoft Ignite session: Explore adventures in the underland: forensic techn...
Microsoft Ignite session: Explore adventures in the underland: forensic techn...
 
RSA Conference 2017 session: What System Stores on the Disk Without Telling You
RSA Conference 2017 session: What System Stores on the Disk Without Telling YouRSA Conference 2017 session: What System Stores on the Disk Without Telling You
RSA Conference 2017 session: What System Stores on the Disk Without Telling You
 
RSA 2018: Adventures in the Underland: Techniques against Hackers Evading the...
RSA 2018: Adventures in the Underland: Techniques against Hackers Evading the...RSA 2018: Adventures in the Underland: Techniques against Hackers Evading the...
RSA 2018: Adventures in the Underland: Techniques against Hackers Evading the...
 
Gartner Security & Risk Management Summit 2018
Gartner Security & Risk Management Summit 2018Gartner Security & Risk Management Summit 2018
Gartner Security & Risk Management Summit 2018
 
Fatal signs: 10 symptoms when you think you’ve been hacked
Fatal signs: 10 symptoms when you think you’ve been hackedFatal signs: 10 symptoms when you think you’ve been hacked
Fatal signs: 10 symptoms when you think you’ve been hacked
 
Dear Hacker: Infrastructure Security Reality Check
Dear Hacker: Infrastructure Security Reality CheckDear Hacker: Infrastructure Security Reality Check
Dear Hacker: Infrastructure Security Reality Check
 
Top 10 mobile security risks - Khổng Văn Cường
Top 10 mobile security risks - Khổng Văn CườngTop 10 mobile security risks - Khổng Văn Cường
Top 10 mobile security risks - Khổng Văn Cường
 
Adventures in Underland: Is encryption solid as a rock or a handful of dust?
Adventures in Underland: Is encryption solid as a rock or a handful of dust?Adventures in Underland: Is encryption solid as a rock or a handful of dust?
Adventures in Underland: Is encryption solid as a rock or a handful of dust?
 
AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...
AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...
AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...
 
Hardening Database Server
Hardening Database ServerHardening Database Server
Hardening Database Server
 
BlueHat v17 || “_____ Is Not a Security Boundary." Things I Have Learned and...
BlueHat v17 || “_____ Is Not a Security Boundary." Things I Have Learned and...BlueHat v17 || “_____ Is Not a Security Boundary." Things I Have Learned and...
BlueHat v17 || “_____ Is Not a Security Boundary." Things I Have Learned and...
 
BlueHat v18 || May i see your credentials, please
BlueHat v18 || May i see your credentials, pleaseBlueHat v18 || May i see your credentials, please
BlueHat v18 || May i see your credentials, please
 
Content Security Policy - Lessons learned at Yahoo
Content Security Policy - Lessons learned at YahooContent Security Policy - Lessons learned at Yahoo
Content Security Policy - Lessons learned at Yahoo
 
Windows network
Windows networkWindows network
Windows network
 
Shields up - improving web application security
Shields up - improving web application securityShields up - improving web application security
Shields up - improving web application security
 
Hacker techniques for bypassing existing antivirus solutions & how to build a...
Hacker techniques for bypassing existing antivirus solutions & how to build a...Hacker techniques for bypassing existing antivirus solutions & how to build a...
Hacker techniques for bypassing existing antivirus solutions & how to build a...
 
New OSSIM v5.0 - Get Security Visibility Faster & Easier Than Ever
New OSSIM v5.0 - Get Security Visibility Faster & Easier Than Ever New OSSIM v5.0 - Get Security Visibility Faster & Easier Than Ever
New OSSIM v5.0 - Get Security Visibility Faster & Easier Than Ever
 
Virtual Networking Security - Network Security
Virtual Networking Security - Network SecurityVirtual Networking Security - Network Security
Virtual Networking Security - Network Security
 
BlueHat v17 || Where, how, and why is SSL traffic on mobile getting intercept...
BlueHat v17 || Where, how, and why is SSL traffic on mobile getting intercept...BlueHat v17 || Where, how, and why is SSL traffic on mobile getting intercept...
BlueHat v17 || Where, how, and why is SSL traffic on mobile getting intercept...
 
BlueHat v17 || Down the Open Source Software Rabbit Hole
BlueHat v17 || Down the Open Source Software Rabbit Hole BlueHat v17 || Down the Open Source Software Rabbit Hole
BlueHat v17 || Down the Open Source Software Rabbit Hole
 

Viewers also liked

The RIPE Experience
The RIPE ExperienceThe RIPE Experience
The RIPE ExperienceDigital Bond
 
Windows Service Hardening
Windows Service HardeningWindows Service Hardening
Windows Service HardeningDigital Bond
 
Accelerating OT - A Case Study
Accelerating OT - A Case StudyAccelerating OT - A Case Study
Accelerating OT - A Case StudyDigital Bond
 
Incubation of ICS Malware (English)
Incubation of ICS Malware (English)Incubation of ICS Malware (English)
Incubation of ICS Malware (English)Digital Bond
 
Internet Accessible ICS in Japan (English)
Internet Accessible ICS in Japan (English)Internet Accessible ICS in Japan (English)
Internet Accessible ICS in Japan (English)Digital Bond
 
S4xJapan Closing Keynote
S4xJapan Closing KeynoteS4xJapan Closing Keynote
S4xJapan Closing KeynoteDigital Bond
 
Attacking and Defending Autos Via OBD-II from escar Asia
Attacking and Defending Autos Via OBD-II from escar AsiaAttacking and Defending Autos Via OBD-II from escar Asia
Attacking and Defending Autos Via OBD-II from escar AsiaDigital Bond
 
Vulnerability Inheritance in ICS (English)
Vulnerability Inheritance in ICS (English)Vulnerability Inheritance in ICS (English)
Vulnerability Inheritance in ICS (English)Digital Bond
 
Dynamic Zoning Based On Situational Activity in ICS (Japanese)
Dynamic Zoning Based On Situational Activity in ICS (Japanese)Dynamic Zoning Based On Situational Activity in ICS (Japanese)
Dynamic Zoning Based On Situational Activity in ICS (Japanese)Digital Bond
 
Remote Control Automobiles at ESCAR US 2015
Remote Control Automobiles at ESCAR US 2015Remote Control Automobiles at ESCAR US 2015
Remote Control Automobiles at ESCAR US 2015Digital Bond
 
The Stuxnet Worm creation process
The Stuxnet Worm creation processThe Stuxnet Worm creation process
The Stuxnet Worm creation processAjay Ohri
 
Survey and Analysis of ICS Vulnerabilities (Japanese)
Survey and Analysis of ICS Vulnerabilities (Japanese)Survey and Analysis of ICS Vulnerabilities (Japanese)
Survey and Analysis of ICS Vulnerabilities (Japanese)Digital Bond
 
Hacker Halted 2016 - How to get into ICS security
Hacker Halted 2016 - How to get into ICS securityHacker Halted 2016 - How to get into ICS security
Hacker Halted 2016 - How to get into ICS securityChris Sistrunk
 
ICS Security Training ... What Works and What Is Needed (Japanese)
ICS Security Training ... What Works and What Is Needed (Japanese)ICS Security Training ... What Works and What Is Needed (Japanese)
ICS Security Training ... What Works and What Is Needed (Japanese)Digital Bond
 
Abusing Microsoft Kerberos - Sorry you guys don't get it
Abusing Microsoft Kerberos - Sorry you guys don't get itAbusing Microsoft Kerberos - Sorry you guys don't get it
Abusing Microsoft Kerberos - Sorry you guys don't get itBenjamin Delpy
 
BlueHat 2014 - The Attacker's View of Windows Authentication and Post Exploit...
BlueHat 2014 - The Attacker's View of Windows Authentication and Post Exploit...BlueHat 2014 - The Attacker's View of Windows Authentication and Post Exploit...
BlueHat 2014 - The Attacker's View of Windows Authentication and Post Exploit...Benjamin Delpy
 
PT - Siemens WinCC Flexible Security Hardening Guide
PT - Siemens WinCC Flexible Security Hardening GuidePT - Siemens WinCC Flexible Security Hardening Guide
PT - Siemens WinCC Flexible Security Hardening Guideqqlan
 
Golden ticket, pass the ticket mi tm kerberos attacks explained
Golden ticket, pass the ticket mi tm kerberos attacks explainedGolden ticket, pass the ticket mi tm kerberos attacks explained
Golden ticket, pass the ticket mi tm kerberos attacks explainedPeter Swedin
 
DEF CON 23 - NSM 101 for ICS
DEF CON 23 - NSM 101 for ICSDEF CON 23 - NSM 101 for ICS
DEF CON 23 - NSM 101 for ICSChris Sistrunk
 

Viewers also liked (20)

The RIPE Experience
The RIPE ExperienceThe RIPE Experience
The RIPE Experience
 
Windows Service Hardening
Windows Service HardeningWindows Service Hardening
Windows Service Hardening
 
Accelerating OT - A Case Study
Accelerating OT - A Case StudyAccelerating OT - A Case Study
Accelerating OT - A Case Study
 
Incubation of ICS Malware (English)
Incubation of ICS Malware (English)Incubation of ICS Malware (English)
Incubation of ICS Malware (English)
 
Internet Accessible ICS in Japan (English)
Internet Accessible ICS in Japan (English)Internet Accessible ICS in Japan (English)
Internet Accessible ICS in Japan (English)
 
S4xJapan Closing Keynote
S4xJapan Closing KeynoteS4xJapan Closing Keynote
S4xJapan Closing Keynote
 
Attacking and Defending Autos Via OBD-II from escar Asia
Attacking and Defending Autos Via OBD-II from escar AsiaAttacking and Defending Autos Via OBD-II from escar Asia
Attacking and Defending Autos Via OBD-II from escar Asia
 
Vulnerability Inheritance in ICS (English)
Vulnerability Inheritance in ICS (English)Vulnerability Inheritance in ICS (English)
Vulnerability Inheritance in ICS (English)
 
Dynamic Zoning Based On Situational Activity in ICS (Japanese)
Dynamic Zoning Based On Situational Activity in ICS (Japanese)Dynamic Zoning Based On Situational Activity in ICS (Japanese)
Dynamic Zoning Based On Situational Activity in ICS (Japanese)
 
Remote Control Automobiles at ESCAR US 2015
Remote Control Automobiles at ESCAR US 2015Remote Control Automobiles at ESCAR US 2015
Remote Control Automobiles at ESCAR US 2015
 
Kerberos
KerberosKerberos
Kerberos
 
The Stuxnet Worm creation process
The Stuxnet Worm creation processThe Stuxnet Worm creation process
The Stuxnet Worm creation process
 
Survey and Analysis of ICS Vulnerabilities (Japanese)
Survey and Analysis of ICS Vulnerabilities (Japanese)Survey and Analysis of ICS Vulnerabilities (Japanese)
Survey and Analysis of ICS Vulnerabilities (Japanese)
 
Hacker Halted 2016 - How to get into ICS security
Hacker Halted 2016 - How to get into ICS securityHacker Halted 2016 - How to get into ICS security
Hacker Halted 2016 - How to get into ICS security
 
ICS Security Training ... What Works and What Is Needed (Japanese)
ICS Security Training ... What Works and What Is Needed (Japanese)ICS Security Training ... What Works and What Is Needed (Japanese)
ICS Security Training ... What Works and What Is Needed (Japanese)
 
Abusing Microsoft Kerberos - Sorry you guys don't get it
Abusing Microsoft Kerberos - Sorry you guys don't get itAbusing Microsoft Kerberos - Sorry you guys don't get it
Abusing Microsoft Kerberos - Sorry you guys don't get it
 
BlueHat 2014 - The Attacker's View of Windows Authentication and Post Exploit...
BlueHat 2014 - The Attacker's View of Windows Authentication and Post Exploit...BlueHat 2014 - The Attacker's View of Windows Authentication and Post Exploit...
BlueHat 2014 - The Attacker's View of Windows Authentication and Post Exploit...
 
PT - Siemens WinCC Flexible Security Hardening Guide
PT - Siemens WinCC Flexible Security Hardening GuidePT - Siemens WinCC Flexible Security Hardening Guide
PT - Siemens WinCC Flexible Security Hardening Guide
 
Golden ticket, pass the ticket mi tm kerberos attacks explained
Golden ticket, pass the ticket mi tm kerberos attacks explainedGolden ticket, pass the ticket mi tm kerberos attacks explained
Golden ticket, pass the ticket mi tm kerberos attacks explained
 
DEF CON 23 - NSM 101 for ICS
DEF CON 23 - NSM 101 for ICSDEF CON 23 - NSM 101 for ICS
DEF CON 23 - NSM 101 for ICS
 

Similar to RSA Conference 2017 session: Hacker’s Perspective on Your Windows Infrastructure: Mandatory Check List

Red team-view-gaps-in-the-serverless-application-attack-surface
Red team-view-gaps-in-the-serverless-application-attack-surfaceRed team-view-gaps-in-the-serverless-application-attack-surface
Red team-view-gaps-in-the-serverless-application-attack-surfacePriyanka Aash
 
Vulnerability Management: How to Think Like a Hacker to Reduce Risk
Vulnerability Management: How to Think Like a Hacker to Reduce RiskVulnerability Management: How to Think Like a Hacker to Reduce Risk
Vulnerability Management: How to Think Like a Hacker to Reduce RiskBeyondTrust
 
Cloud security : Automate or die
Cloud security : Automate or dieCloud security : Automate or die
Cloud security : Automate or diePriyanka Aash
 
Pragmatic Security Automation for Cloud
Pragmatic Security Automation for CloudPragmatic Security Automation for Cloud
Pragmatic Security Automation for CloudPriyanka Aash
 
Building an Enterprise-scale DevSecOps Infrastructure: Lessons Learned
Building an Enterprise-scale DevSecOps Infrastructure: Lessons LearnedBuilding an Enterprise-scale DevSecOps Infrastructure: Lessons Learned
Building an Enterprise-scale DevSecOps Infrastructure: Lessons LearnedPrateek Mishra
 
Corpsec: “What Happened to Corpses A and B?”
Corpsec: “What Happened to Corpses A and B?”Corpsec: “What Happened to Corpses A and B?”
Corpsec: “What Happened to Corpses A and B?”Priyanka Aash
 
CLOUD SECURITY ESSENTIALS 2.0 Full Stack Hacking & Recovery
CLOUD SECURITY ESSENTIALS 2.0 Full Stack Hacking & RecoveryCLOUD SECURITY ESSENTIALS 2.0 Full Stack Hacking & Recovery
CLOUD SECURITY ESSENTIALS 2.0 Full Stack Hacking & RecoveryPriyanka Aash
 
Tips to Remediate your Vulnerability Management Program
Tips to Remediate your Vulnerability Management ProgramTips to Remediate your Vulnerability Management Program
Tips to Remediate your Vulnerability Management ProgramBeyondTrust
 
DevSecOps in Baby Steps
DevSecOps in Baby StepsDevSecOps in Baby Steps
DevSecOps in Baby StepsPriyanka Aash
 
DevSecOps in Baby Steps
DevSecOps in Baby StepsDevSecOps in Baby Steps
DevSecOps in Baby StepsPriyanka Aash
 
13. Neville Varnham - PeopleSoft Cyber Security
13. Neville Varnham - PeopleSoft Cyber Security13. Neville Varnham - PeopleSoft Cyber Security
13. Neville Varnham - PeopleSoft Cyber SecurityCedar Consulting
 
Abhishek-New (1)
Abhishek-New (1)Abhishek-New (1)
Abhishek-New (1)Abhishek Sa
 
Brochure Swascan Overview
Brochure Swascan OverviewBrochure Swascan Overview
Brochure Swascan OverviewSara Colnago
 
IDY-T08 More than Vaulting: Adapting to New Privileged Access Threats
IDY-T08 More than Vaulting: Adapting to New Privileged Access ThreatsIDY-T08 More than Vaulting: Adapting to New Privileged Access Threats
IDY-T08 More than Vaulting: Adapting to New Privileged Access ThreatsLance Peterman
 
Practical appsec lessons learned in the age of agile and DevOps
Practical appsec lessons learned in the age of agile and DevOpsPractical appsec lessons learned in the age of agile and DevOps
Practical appsec lessons learned in the age of agile and DevOpsPriyanka Aash
 
OWASP Secure Coding Quick Reference Guide
OWASP Secure Coding Quick Reference GuideOWASP Secure Coding Quick Reference Guide
OWASP Secure Coding Quick Reference GuideAryan G
 
Securing your web applications a pragmatic approach
Securing your web applications a pragmatic approachSecuring your web applications a pragmatic approach
Securing your web applications a pragmatic approachAntonio Parata
 
Aspirin as a Service: Using the Cloud to Cure Security Headaches
Aspirin as a Service: Using the Cloud to Cure Security HeadachesAspirin as a Service: Using the Cloud to Cure Security Headaches
Aspirin as a Service: Using the Cloud to Cure Security HeadachesPriyanka Aash
 
AWS live hack: Atlassian + Snyk OSS on AWS
AWS live hack: Atlassian + Snyk OSS on AWSAWS live hack: Atlassian + Snyk OSS on AWS
AWS live hack: Atlassian + Snyk OSS on AWSEric Smalling
 

Similar to RSA Conference 2017 session: Hacker’s Perspective on Your Windows Infrastructure: Mandatory Check List (20)

Red team-view-gaps-in-the-serverless-application-attack-surface
Red team-view-gaps-in-the-serverless-application-attack-surfaceRed team-view-gaps-in-the-serverless-application-attack-surface
Red team-view-gaps-in-the-serverless-application-attack-surface
 
Vulnerability Management: How to Think Like a Hacker to Reduce Risk
Vulnerability Management: How to Think Like a Hacker to Reduce RiskVulnerability Management: How to Think Like a Hacker to Reduce Risk
Vulnerability Management: How to Think Like a Hacker to Reduce Risk
 
Cloud security : Automate or die
Cloud security : Automate or dieCloud security : Automate or die
Cloud security : Automate or die
 
Pragmatic Security Automation for Cloud
Pragmatic Security Automation for CloudPragmatic Security Automation for Cloud
Pragmatic Security Automation for Cloud
 
Building an Enterprise-scale DevSecOps Infrastructure: Lessons Learned
Building an Enterprise-scale DevSecOps Infrastructure: Lessons LearnedBuilding an Enterprise-scale DevSecOps Infrastructure: Lessons Learned
Building an Enterprise-scale DevSecOps Infrastructure: Lessons Learned
 
Corpsec: “What Happened to Corpses A and B?”
Corpsec: “What Happened to Corpses A and B?”Corpsec: “What Happened to Corpses A and B?”
Corpsec: “What Happened to Corpses A and B?”
 
CLOUD SECURITY ESSENTIALS 2.0 Full Stack Hacking & Recovery
CLOUD SECURITY ESSENTIALS 2.0 Full Stack Hacking & RecoveryCLOUD SECURITY ESSENTIALS 2.0 Full Stack Hacking & Recovery
CLOUD SECURITY ESSENTIALS 2.0 Full Stack Hacking & Recovery
 
Tips to Remediate your Vulnerability Management Program
Tips to Remediate your Vulnerability Management ProgramTips to Remediate your Vulnerability Management Program
Tips to Remediate your Vulnerability Management Program
 
DevSecOps in Baby Steps
DevSecOps in Baby StepsDevSecOps in Baby Steps
DevSecOps in Baby Steps
 
DevSecOps in Baby Steps
DevSecOps in Baby StepsDevSecOps in Baby Steps
DevSecOps in Baby Steps
 
13. Neville Varnham - PeopleSoft Cyber Security
13. Neville Varnham - PeopleSoft Cyber Security13. Neville Varnham - PeopleSoft Cyber Security
13. Neville Varnham - PeopleSoft Cyber Security
 
Abhishek-New (1)
Abhishek-New (1)Abhishek-New (1)
Abhishek-New (1)
 
Brochure Swascan Overview
Brochure Swascan OverviewBrochure Swascan Overview
Brochure Swascan Overview
 
Swascan
Swascan Swascan
Swascan
 
IDY-T08 More than Vaulting: Adapting to New Privileged Access Threats
IDY-T08 More than Vaulting: Adapting to New Privileged Access ThreatsIDY-T08 More than Vaulting: Adapting to New Privileged Access Threats
IDY-T08 More than Vaulting: Adapting to New Privileged Access Threats
 
Practical appsec lessons learned in the age of agile and DevOps
Practical appsec lessons learned in the age of agile and DevOpsPractical appsec lessons learned in the age of agile and DevOps
Practical appsec lessons learned in the age of agile and DevOps
 
OWASP Secure Coding Quick Reference Guide
OWASP Secure Coding Quick Reference GuideOWASP Secure Coding Quick Reference Guide
OWASP Secure Coding Quick Reference Guide
 
Securing your web applications a pragmatic approach
Securing your web applications a pragmatic approachSecuring your web applications a pragmatic approach
Securing your web applications a pragmatic approach
 
Aspirin as a Service: Using the Cloud to Cure Security Headaches
Aspirin as a Service: Using the Cloud to Cure Security HeadachesAspirin as a Service: Using the Cloud to Cure Security Headaches
Aspirin as a Service: Using the Cloud to Cure Security Headaches
 
AWS live hack: Atlassian + Snyk OSS on AWS
AWS live hack: Atlassian + Snyk OSS on AWSAWS live hack: Atlassian + Snyk OSS on AWS
AWS live hack: Atlassian + Snyk OSS on AWS
 

Recently uploaded

ESP 4-EDITED.pdfmmcncncncmcmmnmnmncnmncmnnjvnnv
ESP 4-EDITED.pdfmmcncncncmcmmnmnmncnmncmnnjvnnvESP 4-EDITED.pdfmmcncncncmcmmnmnmncnmncmnnjvnnv
ESP 4-EDITED.pdfmmcncncncmcmmnmnmncnmncmnnjvnnvRicaMaeCastro1
 
4.11.24 Poverty and Inequality in America.pptx
4.11.24 Poverty and Inequality in America.pptx4.11.24 Poverty and Inequality in America.pptx
4.11.24 Poverty and Inequality in America.pptxmary850239
 
An Overview of the Calendar App in Odoo 17 ERP
An Overview of the Calendar App in Odoo 17 ERPAn Overview of the Calendar App in Odoo 17 ERP
An Overview of the Calendar App in Odoo 17 ERPCeline George
 
4.9.24 Social Capital and Social Exclusion.pptx
4.9.24 Social Capital and Social Exclusion.pptx4.9.24 Social Capital and Social Exclusion.pptx
4.9.24 Social Capital and Social Exclusion.pptxmary850239
 
Employablity presentation and Future Career Plan.pptx
Employablity presentation and Future Career Plan.pptxEmployablity presentation and Future Career Plan.pptx
Employablity presentation and Future Career Plan.pptxryandux83rd
 
Congestive Cardiac Failure..presentation
Congestive Cardiac Failure..presentationCongestive Cardiac Failure..presentation
Congestive Cardiac Failure..presentationdeepaannamalai16
 
Narcotic and Non Narcotic Analgesic..pdf
Narcotic and Non Narcotic Analgesic..pdfNarcotic and Non Narcotic Analgesic..pdf
Narcotic and Non Narcotic Analgesic..pdfPrerana Jadhav
 
Grade Three -ELLNA-REVIEWER-ENGLISH.pptx
Grade Three -ELLNA-REVIEWER-ENGLISH.pptxGrade Three -ELLNA-REVIEWER-ENGLISH.pptx
Grade Three -ELLNA-REVIEWER-ENGLISH.pptxkarenfajardo43
 
Scientific Writing :Research Discourse
Scientific Writing :Research DiscourseScientific Writing :Research Discourse
Scientific Writing :Research DiscourseAnita GoswamiGiri
 
Satirical Depths - A Study of Gabriel Okara's Poem - 'You Laughed and Laughed...
Satirical Depths - A Study of Gabriel Okara's Poem - 'You Laughed and Laughed...Satirical Depths - A Study of Gabriel Okara's Poem - 'You Laughed and Laughed...
Satirical Depths - A Study of Gabriel Okara's Poem - 'You Laughed and Laughed...HetalPathak10
 
Beauty Amidst the Bytes_ Unearthing Unexpected Advantages of the Digital Wast...
Beauty Amidst the Bytes_ Unearthing Unexpected Advantages of the Digital Wast...Beauty Amidst the Bytes_ Unearthing Unexpected Advantages of the Digital Wast...
Beauty Amidst the Bytes_ Unearthing Unexpected Advantages of the Digital Wast...DhatriParmar
 
MS4 level being good citizen -imperative- (1) (1).pdf
MS4 level being good citizen -imperative- (1) (1).pdfMS4 level being good citizen -imperative- (1) (1).pdf
MS4 level being good citizen -imperative- (1) (1).pdfMr Bounab Samir
 
Oppenheimer Film Discussion for Philosophy and Film
Oppenheimer Film Discussion for Philosophy and FilmOppenheimer Film Discussion for Philosophy and Film
Oppenheimer Film Discussion for Philosophy and FilmStan Meyer
 
BÀI TẬP BỔ TRỢ TIẾNG ANH 11 THEO ĐƠN VỊ BÀI HỌC - CẢ NĂM - CÓ FILE NGHE (GLOB...
BÀI TẬP BỔ TRỢ TIẾNG ANH 11 THEO ĐƠN VỊ BÀI HỌC - CẢ NĂM - CÓ FILE NGHE (GLOB...BÀI TẬP BỔ TRỢ TIẾNG ANH 11 THEO ĐƠN VỊ BÀI HỌC - CẢ NĂM - CÓ FILE NGHE (GLOB...
BÀI TẬP BỔ TRỢ TIẾNG ANH 11 THEO ĐƠN VỊ BÀI HỌC - CẢ NĂM - CÓ FILE NGHE (GLOB...Nguyen Thanh Tu Collection
 
How to Make a Duplicate of Your Odoo 17 Database
How to Make a Duplicate of Your Odoo 17 DatabaseHow to Make a Duplicate of Your Odoo 17 Database
How to Make a Duplicate of Your Odoo 17 DatabaseCeline George
 

Recently uploaded (20)

INCLUSIVE EDUCATION PRACTICES FOR TEACHERS AND TRAINERS.pptx
INCLUSIVE EDUCATION PRACTICES FOR TEACHERS AND TRAINERS.pptxINCLUSIVE EDUCATION PRACTICES FOR TEACHERS AND TRAINERS.pptx
INCLUSIVE EDUCATION PRACTICES FOR TEACHERS AND TRAINERS.pptx
 
ESP 4-EDITED.pdfmmcncncncmcmmnmnmncnmncmnnjvnnv
ESP 4-EDITED.pdfmmcncncncmcmmnmnmncnmncmnnjvnnvESP 4-EDITED.pdfmmcncncncmcmmnmnmncnmncmnnjvnnv
ESP 4-EDITED.pdfmmcncncncmcmmnmnmncnmncmnnjvnnv
 
4.11.24 Poverty and Inequality in America.pptx
4.11.24 Poverty and Inequality in America.pptx4.11.24 Poverty and Inequality in America.pptx
4.11.24 Poverty and Inequality in America.pptx
 
An Overview of the Calendar App in Odoo 17 ERP
An Overview of the Calendar App in Odoo 17 ERPAn Overview of the Calendar App in Odoo 17 ERP
An Overview of the Calendar App in Odoo 17 ERP
 
4.9.24 Social Capital and Social Exclusion.pptx
4.9.24 Social Capital and Social Exclusion.pptx4.9.24 Social Capital and Social Exclusion.pptx
4.9.24 Social Capital and Social Exclusion.pptx
 
Employablity presentation and Future Career Plan.pptx
Employablity presentation and Future Career Plan.pptxEmployablity presentation and Future Career Plan.pptx
Employablity presentation and Future Career Plan.pptx
 
Congestive Cardiac Failure..presentation
Congestive Cardiac Failure..presentationCongestive Cardiac Failure..presentation
Congestive Cardiac Failure..presentation
 
Narcotic and Non Narcotic Analgesic..pdf
Narcotic and Non Narcotic Analgesic..pdfNarcotic and Non Narcotic Analgesic..pdf
Narcotic and Non Narcotic Analgesic..pdf
 
Grade Three -ELLNA-REVIEWER-ENGLISH.pptx
Grade Three -ELLNA-REVIEWER-ENGLISH.pptxGrade Three -ELLNA-REVIEWER-ENGLISH.pptx
Grade Three -ELLNA-REVIEWER-ENGLISH.pptx
 
Plagiarism,forms,understand about plagiarism,avoid plagiarism,key significanc...
Plagiarism,forms,understand about plagiarism,avoid plagiarism,key significanc...Plagiarism,forms,understand about plagiarism,avoid plagiarism,key significanc...
Plagiarism,forms,understand about plagiarism,avoid plagiarism,key significanc...
 
Scientific Writing :Research Discourse
Scientific Writing :Research DiscourseScientific Writing :Research Discourse
Scientific Writing :Research Discourse
 
Satirical Depths - A Study of Gabriel Okara's Poem - 'You Laughed and Laughed...
Satirical Depths - A Study of Gabriel Okara's Poem - 'You Laughed and Laughed...Satirical Depths - A Study of Gabriel Okara's Poem - 'You Laughed and Laughed...
Satirical Depths - A Study of Gabriel Okara's Poem - 'You Laughed and Laughed...
 
prashanth updated resume 2024 for Teaching Profession
prashanth updated resume 2024 for Teaching Professionprashanth updated resume 2024 for Teaching Profession
prashanth updated resume 2024 for Teaching Profession
 
Beauty Amidst the Bytes_ Unearthing Unexpected Advantages of the Digital Wast...
Beauty Amidst the Bytes_ Unearthing Unexpected Advantages of the Digital Wast...Beauty Amidst the Bytes_ Unearthing Unexpected Advantages of the Digital Wast...
Beauty Amidst the Bytes_ Unearthing Unexpected Advantages of the Digital Wast...
 
MS4 level being good citizen -imperative- (1) (1).pdf
MS4 level being good citizen -imperative- (1) (1).pdfMS4 level being good citizen -imperative- (1) (1).pdf
MS4 level being good citizen -imperative- (1) (1).pdf
 
Spearman's correlation,Formula,Advantages,
Spearman's correlation,Formula,Advantages,Spearman's correlation,Formula,Advantages,
Spearman's correlation,Formula,Advantages,
 
Oppenheimer Film Discussion for Philosophy and Film
Oppenheimer Film Discussion for Philosophy and FilmOppenheimer Film Discussion for Philosophy and Film
Oppenheimer Film Discussion for Philosophy and Film
 
BÀI TẬP BỔ TRỢ TIẾNG ANH 11 THEO ĐƠN VỊ BÀI HỌC - CẢ NĂM - CÓ FILE NGHE (GLOB...
BÀI TẬP BỔ TRỢ TIẾNG ANH 11 THEO ĐƠN VỊ BÀI HỌC - CẢ NĂM - CÓ FILE NGHE (GLOB...BÀI TẬP BỔ TRỢ TIẾNG ANH 11 THEO ĐƠN VỊ BÀI HỌC - CẢ NĂM - CÓ FILE NGHE (GLOB...
BÀI TẬP BỔ TRỢ TIẾNG ANH 11 THEO ĐƠN VỊ BÀI HỌC - CẢ NĂM - CÓ FILE NGHE (GLOB...
 
Chi-Square Test Non Parametric Test Categorical Variable
Chi-Square Test Non Parametric Test Categorical VariableChi-Square Test Non Parametric Test Categorical Variable
Chi-Square Test Non Parametric Test Categorical Variable
 
How to Make a Duplicate of Your Odoo 17 Database
How to Make a Duplicate of Your Odoo 17 DatabaseHow to Make a Duplicate of Your Odoo 17 Database
How to Make a Duplicate of Your Odoo 17 Database
 

RSA Conference 2017 session: Hacker’s Perspective on Your Windows Infrastructure: Mandatory Check List

  • 1. SESSION ID:SESSION ID: #RSAC Paula Januszkiewicz Hacker’s Perspective on Your Windows Infrastructure: Mandatory Check List TECH-W10 CEO, Security Expert, Penetration Tester & Trainer, MVP CQURE @paulacqure | paula@cqure.us
  • 5. #RSAC Session Goal Be familiar with the possibilities of the operating system From the user mode and kernel mode We are NOT talking about the forensics! … just doing a little hacking + conclusions My goal: See one of the ways hacker can act
  • 9. #RSAC Attack Users Users Users rarely have software up to date Awareness issues ... But for hacker it may be not enough Administrators Local account Password reuse for workstations Different password for workstations Domain account Domain user being local administrator Domain administrator
  • 11. #RSAC Make your backdoor persistent Services DLLs Startup (Menu Start) Task Scheduler LSA Providers Run, Run Once GPO Notification Package Winlogon Image Hijacking Drivers Etc.
  • 13. #RSAC Stay undetected If you are not ready to attack: stay stealth and do not change the system behavior Hide your traces Processes Files Infrastructure performance Network traffic Server / Client Platform Performance
  • 17. #RSAC Use victims to attack more targets Create the remotely controlled network Automate next scans Create your own botnet What can be the hacker’s goal in your infrastructure?
  • 19. #RSAC Apply Offline access protection, implementation of solutions like BitLocker. Implementation of the process execution prevention (AppLocker etc.) Log centralization, log reviews - searching for the anomalies, certain log error codes. Performing the regular audits of code running on the servers (fe. Autoruns). Maintenance: Backup implementation and regular updating. Review of the services running on the accounts that are not built in. Change them to gMSAs where possible, set up SPNs. Get rid of NETBIOS. Try to avoid NTLMv2, especially if you do not have AppLocker in place or SMB Signing. Client protection: Implement of the anti-exploit solutions.
  • 20. #RSAC Apply What You Have Learned Today Next week you should: Implement Local Admin Password Management or other password management solution Build the plan of the periodical configuration reviews and penetration tests (security checks) In the first three months following this presentation you should: Implement the Security Awareness Program among employees and technical training for administrators Review the configuration of client-side firewall and enabling the programs that can communicate through the network Limit of the amount of services running on the servers (SCW and manual activities) Within six month you should: Implement scoping (role management) for permissions and employee roles (SQL Admins, Server Admins etc.) Review network segmentation (+ IPSec Isolation, DNSSec etc.)
  • 21. #RSAC Apply What You Have Learned Today Next week you should: Implement Local Admin Password Management or other password management solution Build the plan of the periodical configuration reviews and penetration tests (security checks) In the first three months following this presentation you should: Implement the Security Awareness Program among employees and technical training for administrators Review the configuration of client-side firewall and enabling the programs that can communicate through the network Limit of the amount of services running on the servers (SCW and manual activities) Within six month you should: Implement scoping (role management) for permissions and employee roles (SQL Admins, Server Admins etc.) Review network segmentation (+ IPSec Isolation, DNSSec etc.)