Hi [[ session.user.profile.firstName ]]

Explorer le réseau et AD pour recueillir les informations nécessaires [French]

Que vous soyez utilisateur de technologies Cloud ou non, Active Directory demeure une brique essentielle de votre informatique globale. Quelle que soit la taille de votre organisation il convient de mettre en place une stratégie de sécurité efficace afin de vous assurer de la continuité de service de votre outil de production.

Au travers du deuxième webinar, vous allez découvrir :
- Comment explorer votre réseau local et votre annuaire Active Directory depuis un point d’attaque
- Quels outils utiliser pour préparer l’élévation de privilège
- Les méthodes diverses permettant de prendre le contrôle des comptes à pouvoir

[Etape 1] Attaquer AD : Comment prendre possession d’une workstation et commencer l’attaque
https://www.brighttalk.com/webcast/17251/482567
[Etape 3] Attaquer AD : Comment contrôler Active Directory par l’élévation de privilèges
https://www.brighttalk.com/webcast/17251/482585
Recorded Apr 16 2021 68 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Sylvain Cortes, IAM & CyberSecurity Market Expert / Microsoft MVP
Presentation preview: Explorer le réseau et AD pour recueillir les informations nécessaires [French]

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Data Classification Software Overview Recorded: May 5 2021 29 mins
    Nicholas Matta, Solutions Engineer at Netwrix
    Every day, your organization collects and produces tons of data. How can you possibly keep it all secure and organized? Netwrix Data Classification enables you to discover and tag your business-critical data and reduce its exposure. Plus, it also helps you achieve and prove your compliance with PCI DSS, HIPAA, CCPA and other regulations.

    Watch this product demo and learn how to:
    • Accurately identify sensitive and regulated data outside of secure locations and protect it
    • Prove regulatory compliance on your first attempt
    • Satisfy data subject access requests (DSARs) with far less effort and expense
    • Reduce your attack surface by cleaning up obsolete or trivial information
    • Respond to legal requests without putting your business on hold
  • IT Audit Software Overview Recorded: May 5 2021 28 mins
    Jordan Jasnoch, Solutions Engineer at Netwrix
    With threats growing in both number and sophistication every day and regulations imposing increasingly strict requirements, you are always fighting an uphill battle. Arm yourself with Netwrix Auditor to kick-start your IT risk assessment program, secure your critical assets and slash preparation time for compliance audits by up to 85%.
    Watch this 30-minute session and learn how you can:
    • Identify and mitigate both data and infrastructure security gaps
    • Protect your critical assets to minimize the risk of a data breach
    • Reduce the mean time to detect security threats and contain incidents
    • Prove your adherence to compliance regulations with less effort

    Learn more: https://www.netwrix.com/auditor.html?cID=7014u000001JVZN
  • ZeroLogon – What Every Organization needs to Know and Do Now Recorded: May 5 2021 28 mins
    Kevin Joyce, Technical Product Manager & Joe Dibley, Security Researcher, Stealthbits now part of Netwrix
    The recently discovered Zerologon exploit has sent shockwaves across organizations worldwide, as a vulnerability in the NetLogon Remote Protocol, allowing an unauthenticated attacker to connect to an Active Directory Domain Controller and subsequently own an Active Directory domain with ease. Despite a rapid response from Microsoft which included new group policy options, Registry keys, and event log entries, the implementation of these mitigative and detective controls are unfortunately far from straightforward. In the meantime, the clock is ticking for organizations and technology vendors to eradicate the existence of insecure NetLogon connections before the February 9, 2021 enforcement deadline, as well as for attackers seeking to leverage the exploit before the window of opportunity dissipates. Where does your organization stand? What's at risk? What can you do to expedite your organization's timeline to a secure state? Join Stealthbits' Technical Product Manager, Kevin Joyce and Security Researcher, Joe Dibley, for a quick, informative, 30-minute webinar about Zerologon where they'll answer important questions, such as:
    • What is Zerologon?
    • How does it work?
    • Why is action needed now?
    • What can Stealthbits do to help?
  • Attackers Are Bypassing MFA – What You Need to Know Recorded: May 5 2021 57 mins
    Jeff Warren, GM-Products, Stealthbits now part of Netwrix
    Multi-Factor Authentication (MFA) has become a critical and powerful technology within enterprise Information Security programs, which is precisely why attackers have focused on how to work around it. Join Stealthbits GM of Products and Cybersecurity Expert, Jeff Warren, to learn how attackers are taking advantage of MFA's blind spots and developing ways of bypassing MFA altogether, and of course, what you need to know in order to do something about it.
  • Privileged Access Management Solution Overview Recorded: May 5 2021 60 mins
    Martin Cannard, VP of Product Strategy for Privileged Access Management, Stealthbits now part of Netwrix
    Privileged Access Management (PAM) tools have proven to be essential components of information security and compliance programs, yet privileged account compromise remains a nagging issue despite broad scale adoption of password vaults. Stealthbits' (now part of Netwrix) approach to Privileged Access Management fills the gaps and overcomes the challenges of traditional PAM solutions, providing comprehensive visibility into an organization's privileged account footprint, surgical control over privileged account usage, and the ability to effectively eliminate the sizable threat surface privileged accounts represent through the reduction of privileged accounts. Join Martin Cannard, Stealthbits Technologies' VP of Product Strategy - Privileged Access Management, as he outlines the challenges organizations face with traditional PAM tools and how Stealthbits can help.
  • Data Access Governance Solution Overview Recorded: May 5 2021 47 mins
    Adam Rosen, VP of Product Strategy for Data Access Governance, Stealthbits now part of Netwrix
    Access and permissions to data are excessive and management is highly complex and error prone. The location of sensitive data is largely unknown (especially across unstructured data repositories) and is also the primary target in virtually every breach scenario. With increasing external pressures via existing and new regulations, 3rd party demands, and customer concerns, the need to gain control over data of all types has never been more dire. A well-executed Data Access Governance (DAG) program is the solution to the problem. DAG is about making access to data exclusive. It's about limiting the number of people who have access to data - and their permissions to data - to the lowest levels possible. Stealthbits' (now part of Netwrix) Data Access Governance solution provides organizations with the capabilities and approaches needed to identify, secure, and maximize the value of data wherever it resides. Join Adam Rosen, VP of Product Strategy, as he reviews the difficult data security and privacy challenges organizations face today and how Stealthbits can help.
  • Active Directory Management & Security Solution Overview Recorded: May 5 2021 49 mins
    Damon Tepe (former), Director of Product Marketing & Jeff Warren, GM-Products, Stealthbits now part of Netwrix
    Active Directory (AD) is leveraged by over 90% of enterprises worldwide as the authentication and authorization hub of their IT infrastructure. AD contains the most critical credentials, which is why attackers have developed sophisticated attack tactics, techniques, and procedures that work with remarkable success. Active Directory’s inherent complexity leaves it prone to misconfiguration, exposing it to security risk that most organizations can’t handle due to the lack of resources necessary to monitor AD properly and protect it. Stealthbits believes AD is secure and efficient when it's clean, understood, configured properly, monitored closely, and controlled tightly. Stealthbits (now part of Netwrix) industry-leading suite of AD solutions enable organizations to effectively manage and secure AD at the levels required to mitigate the risks of advanced attacks, compliance failure, and operational outage. Join us as we review the many challenges organizations face in the management and security of AD and how Stealthbits can help.
  • Prioritizing Password Security – The Good, the Bad, and the Ineffective Recorded: Apr 30 2021 60 mins
    Troy Hunt, Microsoft Regional Directory and MVP for Developer Security
    The worldwide COVID-19 pandemic hasn't necessarily changed how we do business, but almost instantly has changed where many of us do it from. Safe within the confines of our brick and mortar facilities and shielded LANs, we pushed stringent password security to the side in favor of other pressing projects. Now out in the open and spread across potentially thousands of locations, password security must rise to the top of the priority list. Partnering with our APAC distributor, emt Distribution, Stealthbits Technologies encourages you to join Microsoft Regional Director and MVP for Developer Security, Troy Hunt, for an informative overview of password security and why prioritizing it now is more important than ever before. Learn more about his work on the Have I been Pwned (HIBP) database and how it can help keep your organization more secure. We’ll also have Rod Simmons, VP of Product Strategy for Active Directory (AD) from Stealthbits join to share his experience from the field and discuss the differences between on-premises password controls via AD and Microsoft Azure Password Protect, how your organization can align with popular NIST guidelines, and what stronger password policy means for risk reduction.
  • How to Protect Your Organization Against Lateral Movement Attacks Recorded: Apr 30 2021 29 mins
    Martin Cannard, VP of Product Strategy for Privileged Access Management, Stealthbits now part of Netwrix
    Privileged Access Management (PAM) solutions seek to address a simple question - how do we appropriately provide and protect privileged access to our IT assets? Traditional PAM products have focused on deploying controls on top of an enterprise's existing identity practices, like providing password and session management for shared built-in admin accounts, or a password-of-the-day for personal privileged accounts. Unfortunately these approaches focus on protecting identities that permanently possess privileges on systems, databases, applications, and more, ultimately leaving your organization vulnerable to Lateral Movement attacks. Simply put, admin privileges provide the means attackers require to complete their mission through elevated permissions, and these "always-on" privileged accounts offer exactly what's needed... But there's an alternative and modern approach - Zero Standing Privileges (ZSP). Join Martin Cannard, Stealthbits Technologies' VP of Product Strategy, as he reviews this pioneering new concept and demonstrates how you can eliminate standing privileges and replace them with a policy-driven process for obtaining privileged access, drastically reducing your threat surface.
  • Data Privacy via Data Security Recorded: Apr 30 2021 31 mins
    Adam Rosen, VP of Product Strategy for Data Access Governance, Stealthbits now part of Netwrix
    Gartner Recently conducted it's annual Security & Risk Summit, and one of the key takeaways from it was this projection: there will be a major jump in Data Privacy regulations in the near future - from 10% of the world's data covered currently, to 65% in 2023. That's a 550% increase in less than two years... Data security can be achieved without data privacy, but you can't effectively fulfill data privacy without data security. In terms of complying with regulations, or protecting against breaches, you must know your data and have protections for it. Without those measures, you won't be able to justify it to a regulator, or safeguard it from malicious intent from internal and external threats. It's not Data Privacy vs. Data Security, but rather Data Privacy via Data Security. Join Adam Rosen, Stealthbits Technologies' VP of Product Strategy, as he breaks down what you need to manage cybersecurity breaches and regulatory compliance, including:
    • Controls for managing different data types
    • Policies and processes for managing access
    • Highly restricted permissioning
  • Pragmatic advice from Gavin Ashton, author of ‘Maersk, me & notPetya' Recorded: Apr 30 2021 60 mins
    Gavin Ashton, Security Strategist & Gerrit Lansing, CSO, Stealthbits now part of Netwrix
    June 27, 2017 was far from a basic day for Gavin Ashton. As the Identity & Access Management SME and Service Owner for one of the world’s largest freight transport and logistics conglomerates, the day marked the beginning of two, intimately intertwined experiences. In the days and weeks to follow, he learned how to recover from a devastating ransomware attack that wiped out virtually everything of consequence. Over the course of many months, he subsequently learned about the effects – both negative and positive – such an event can make on an organization and an individual. This period of enlightenment taught Gavin about what’s really important, what cooperation really looks and feels like, and what really works for the IT professionals tasked with managing and protecting their organizations’ IT infrastructure from compromise and catastrophe. Join Identity & Security Expert and author of the viral “Maersk, me, & notPetya” blog post, Gavin Ashton, for a 60-minute crash course on why “Do[ing] the basics” is any organization’s best option for mitigating the risks associated with credential compromise and advanced threats. Stealthbits’ Field CTO, Gerrit Lansing, will also provide attendees a useful and valuable real-world practitioners guide to leverage when implementing Gavin’s advice, providing specifics on the approaches and tactics organizations can leverage to quickly secure what matters most.
  • Are Standing Privileges Making You a Sitting Duck Recorded: Apr 30 2021 36 mins
    Gerrit Lansing, CSO, Stealthbits now part of Netwrix
    The jolting increase in “work from home” users combined with more active adversaries is straining traditional security controls and creating new risks. However, while the risk surface has increased, the tactics, techniques, and procedures attackers are leveraging to compromise sensitive data and entire domains are largely the same, as they continue to focus their sights on privileged accounts and the standing privileges they maintain to nearly every organizational resource. Join Stealthbits Field CTO and Privileged Access Management Expert, Gerrit Lansing, to learn how adopting a Zero Standing Privilege (ZSP) approach to Privileged Access Management can reduce the risk of Active Directory compromise and other critical platforms.
  • [A Hacker Explains] Practical Steps to Secure Your SQL Database Recorded: Apr 29 2021 61 mins
    Liam Cleary, Microsoft MVP and a founder of SharePlicity
    Because SQL servers are so often attacked, it is critical to strengthen your defences and minimise your risk. Most SQL Server breaches are caused by misconfigurations, incorrect permissions or insufficient controls. In this webinar, we will explain how you can significantly improve the security of your SQL servers and thwart would-be attackers.

    In this session, you will learn how to:
    • Properly configure SQL Server to block attacks
    • Ensure the correct permissions are created and assigned
    • Know who has access to what in your SQL Server
    • Find and secure the sensitive data you store in SQL Server
  • [A Hacker Explains] Top 5 Ways Attackers Can Break into SQL Databases Recorded: Apr 29 2021 64 mins
    Liam Cleary, Microsoft MVP and a founder of SharePlicity
    SQL servers are a top target for attackers. Not only do they store a great deal of valuable data, but they also make an excellent platform from which to pivot and further investigate and attack the network. This webinar reveals the most common tools and techniques that attackers use to break into SQL servers and how you can spot their activity.

    In this session, you will learn:
    • Common SQL Server attack vectors
    • How hackers use SQL Server to pivot further into the network
    • Tools attackers use for hacking SQL Server
    • How to mitigate the risk of privilege abuse
    • How to detect suspicious activity around your structured data
  • AD Attack Paths – How Object-level Permissions Lead to Inadvertent Access Recorded: Apr 29 2021 31 mins
    Jeff Warren, GM-Products, Stealthbits now part of Netwrix
    The overwhelming majority of organizations worldwide leverage Active Directory (AD) as their central hub of authentication and authorization. It literally holds the keys to the kingdom, and because of this, it is a central target for threat actors to leverage in order to infiltrate your organization. Unfortunately, native tools and views into AD and AD object permissions lack the ability to scale effectively, even in smaller environments. Without this insight, your organization is vulnerable to a variety of AD attack paths and inadvertent access that can lead to serious data breaches. Join Jeff Warren, GM, Stealthbits Technologies, as he reviews:
    • How attackers can exploit weak AD permissioning
    • Weak Password Identification and Reset Capabilities
    • Unconstrained Delegation Permissions
  • Access Transformation: How to achieve Least Privileged Access for organization Recorded: Apr 29 2021 28 mins
    Adam Rosen, VP of Product Strategy for Data Access Governance, Stealthbits now part of Netwrix
    One of the most basic things an organization can do to ensure their security posture is to implement a Least Privileged Access Model. The principle of least privilege (POLP) stems from the idea that users should only have access to the resources they need to adequately perform the duties they are required to do. Seems pretty simple - for example, you wouldn't give the newly hired Sales Rep access to your Financial share, right? This process results in benefits like better security, reduced opportunity for lateral movement attacks, better protection against other types of cyberattacks (i.e. malware), and a healthier network overall. But how do you get there? Where do you start? Join Adam Rosen, Stealthbits Technologies' VP of Product Strategy, as he reviews our 6 step process to achieving Least Privileged Access:
    • Discover
    • Evaluate Privileges
    • Manage
    • Monitor
    • Built-in Administrative Rights
    • Enforce Least Privilege Delegation
  • The History of Passwords Recorded: Apr 29 2021 23 mins
    Troy Hunt, Microsoft Regional Director and MVP for Developer Security
    Stealthbits (now part of Netwrix) guest speaker Troy Hunt discusses the history of passwords - Where we've come from, where we are at the moment, and where things are going in the future.
  • Prioritizing Password Security for Your Suddenly Remote Workforce Recorded: Apr 29 2021 50 mins
    Rod Simmons (former) VP of Product Strategy for Active Directory, Stealthbits now part of Netwrix
    The worldwide COVID-19 pandemic hasn't necessarily changed how we do business, but almost instantly has changed where many of us do it from. Safe within the confines of our brick and mortar facilities and shielded LANs, we pushed stringent password security to the side in favor of other pressing projects. Now out in the open and spread across potentially thousands of locations, password security must rise to the top of the priority list. Join Stealthbits (now part of Netwrix) VP of Product Strategy and Active Directory SME, Rod Simmons, to learn the differences between on-premises password controls via Active Directory and Microsoft Azure Password Protect, how your organization can align with popular NIST guidelines, and what stronger password policy means for risk reduction in our new "Work From Home" business culture.
  • Learn from Industry Experts: How Businesses Like Yours Protect Sensitive Data Recorded: Apr 22 2021 59 mins
    Robert Masterson (Security Consultant at Atos) and Michael Howden (Senior Global Cybersecurity Leader at Novacoast)
    In the second episode, we’ll welcome Robert Masterson (CISSP, CISM and Security Consultant at Atos) and Michael Howden (Senior Global Cybersecurity Leader and Strategic Advisor at Novacoast). These industry experts spend every day helping businesses like yours identify security gaps and protect sensitive data. Join us to hear their cybersecurity insights first hand.

    Lessons from the trenches:
    • How the cyberthreat landscape is changing
    • Which tools will truly help you maintain a secure IT infrastructure
    • The security gaps most commonly detected in organizations like yours
    • The most effective ways to build a bridge between business leaders and IT
  • MS Teams und Office 365 als neue Zielscheibe für Cyberkriminelle [German] Recorded: Apr 20 2021 71 mins
    Yves Kraft, Penetration Tester & Security Consultant, BSc FH CS, ISO 27001 Lead Auditor, OSCP, OPST, OSSTMM Trainer
    Gerade in Zeiten von COVID-19 wird die Digitalisierung in unterschiedlichen Bereichen zwangsläufig vorangetrieben. Damit rückten in den letzten Monaten insbesondere cloudbasierte Anwendungen immer mehr in den Fokus von Cyberkriminellen. Neben anderen namhaften Produkten haben sich Office 365 und Teams von Microsoft als meistgenutzte Online-Kollaborationsplattform etabliert. Ein Angreifer mit gestohlenen Zugangsdaten kann nahezu ungehinderten Zugang zu Teams und allen unterstützenden Diensten erhalten.
    In diesem Webinar aus der Serie «Von einem Hacker erklärt…» wird gezeigt, welche gängigen Angriffe auf MS Teams und Office 365 existieren und wie Ihre Firma dadurch ebenfalls ungewollt zur Zielscheibe werden kann. Zudem lernen Sie, wie Sie sich vor solchen Angriffen schützen können und welche Möglichkeiten Netwrix dazu bietet.
Powerful Data Security Made Easy
Netwrix empowers information security and governance professionals to reclaim control over sensitive, regulated and business-critical data, regardless of where it resides. Over 10,000 organizations worldwide rely on Netwrix solutions to secure sensitive data, realize the full business value of enterprise content, pass compliance audits with less effort and expense, and increase the productivity of IT teams and knowledge workers.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Explorer le réseau et AD pour recueillir les informations nécessaires [French]
  • Live at: Apr 16 2021 3:07 pm
  • Presented by: Sylvain Cortes, IAM & CyberSecurity Market Expert / Microsoft MVP
  • From:
Your email has been sent.
or close