Name: Detecting and Mitigating Active Directory Attacks
Start: 2022-07-07T09:29:00Z
End: 2022-07-07T10:05:39.000Z
Location: BrightTALK
Rating: 0

Netwrix empowers information security and governance professionals to identify and protect sensitive data to reduce the risk of a breach. Our solutions also limit the impact of attacks by helping IT teams detect, respond and recover from them faster and with less effort. Over 13,000 organizations worldwide rely on Netwrix solutions to strengthen their security and compliance posture across all three primary attack vectors: data, identity and infrastructure.

In today's digital world, data access governance has become a crucial aspect of protecting sensitive information. Organizations are facing increasing challenges when it comes to managing data access and ensuring the security of their critical data. Join our upcoming webinar to learn about best practices for data access governance and how Netwrix solutions can help simplify this task.
 
During the webinar, we will discuss the following topics:
 
- The importance of data access governance in the digital age
- Best practices for identifying and classifying sensitive data
- Techniques for implementing access controls and permissions
- Strategies for monitoring and auditing data access
 
Netwrix offers a comprehensive suite of solutions that help organizations automate data access governance tasks, reducing the risk of data breaches and improving compliance with data protection regulations. Join us to learn more about how Netwrix solutions can simplify your data access governance tasks, and protect your sensitive information in the digital age.

Data Access Governance in the Digital Age

The cybersecurity insurance landscape is shifting as cyber attacks, like ransomware and malware, are becoming more sophisticated. We’re confronted with the uncomfortable reality where conventional approaches, such as meeting minimum compliance requirements and sticking to traditional privilege access management strategies, don’t do enough to protect an organization’s data. What’s worse is that only meeting the minimum can create gaps in cyber insurance and drive up premium costs.

Cyber insurance companies can have very specific requirements around an organization's current security practices, such as their EDR. To keep premiums down and to stay ahead of nefarious actors, one approach to consider is to adopt quick-to-deploy strategies, such as a more advanced concept of privilege access management called PAM+. It’s an approach that eliminates the impact of compromised admin credentials through Just-in-Time access, renders password-stealing malware ineffective, and delivers rapid time-to-value.

Watch this recording to deep dive into:

- A brief primer on the current cyber insurance landscape.
- How legacy PAM toolsets and approaches meet compliance requirements may not protect against the realized actual risk that cyber insurance providers care about.
- Recent case studies illustrate how PAM+ can help protect your organization from attacks involving lateral movement.

How PAM+ helps maximize your cyber Insurance coverage

Whether you use your Windows as your server OS for your AD, DC, SQL or file server or as the go-to operating system for your end-users; each application requires a properly hardened state and continuous control of changes to the setup.

Any unexpected change to a system file can indicate a security breach, a malware infection or other malicious activity that puts your business at risk. File integrity monitoring (FIM) is so critical for data security that most common compliance regulations and security frameworks, including PCI DSS, HIPAA, FISMA and NIST, recommend implementing it whenever possible.

Even more, FIM should always be paired with system hardening, the establishment of a stable base of known good configurations.

So join our new webinar to discover how to:
- Use hardening benchmarks to start with a best-practice approach for you IT estate
- Tune the achieved to a baseline that fits your needs and risks
- Monitor critical file activity that might indicate an ongoing attack
- Ensure configuration stability while avoiding drift and event noise
- Maintain and audit compliance while validating ITSM roll-outs

FIM and System Hardening: Detect and Prevent Cyberthreats in Windows

Misused credentials are at the center of cyberattacks, used for gaining access, moving laterally, exfiltrating data, and more. Passwords can be obtained through social engineering, brute force, and password spray attacks. Human error and weak passwords are also a problem. There are resources available to identify and strengthen password security. In this training session, experts will discuss the current state of insecure password use, password spraying, auditing environments for weak passwords, and enforcing granular password policies to protect against attacks.

A Look at Password Spraying Attacks and the Role of Weak Passwords

In the face of modern Windows desktop challenges, both Group Policy and MDM fall short. But one tool rises to the occasion, adding a new dimension of power and functionality: Netwrix PolicyPak. Indeed, as the stakes continue to get higher and the challenges more complex, Netwrix PolicyPak is increasingly indispensable for effective PC configuration management and security.

Are you ready for a cyber adventure like no other? Join us for the PolicyPak Cyber Quest and watch our hero, 18X Microsoft MVP and godfather of Group Policy Jeremy Moskowitz, tackle some of the most challenging desktop management issues. Will he emerge victorious?

In this live webinar, you'll have the power to choose which problems Jeremy and Netwrix PolicyPak will face. So, gather your team, prepare your questions and get ready for an interactive adventure that will change the way you think about PC management forever.

Here are some of the tough use cases you’ll have to choose from:
Eliminating local admin rights and blocking malware
Protecting USB and CD-ROM devices from malware and data exfiltration
Reducing GPOs and eliminate loopback
Migrate GPOs from on-prem to Cloud, Intune. or any MDM service
 
Join us for the PolicyPak Cyber Quest and take the first step towards a more secure digital future.

[Cyber Quest] Choose Your Own Security Adventure

The last two decades have seen massive change in the IT landscape: We’ve seen workloads shift from the datacenter to the cloud, applications move from the desktop to mobile devices, and an increase in the frequency and sophistication of attacks to the point where it's not if you’ll get breached but when. Yet, the process we use for locking down access to our most sensitive systems — privileged access management (PAM) — has not fundamentally changed.
Is there a better way to approach PAM? 

Join this session to learn how you can:
- Leverage just in time orchestration to remove attack surfaces
- Dynamically delegate just-enough access according to use case.
- Enable administrators to do their jobs without jumping through hoops.
- Limit the spread of malware.

PAM: We’ve Been Doing It All Wrong

PAM solutions have got a bad rap over the years. Traditionally they have been cumbersome to setup, difficult to configure and impossible to use. As a result, many organizations looking to implement PAM do so with a sense of trepidation and uncertainty.
 
In this webinar, we will show you that not all PAM solutions are created equal and how you can:
- Implement PAM quickly with minimal risk
- Improve your security posture  
- Delight your administrators with easy to use workflows
- Learn about the benefits of Zero Standing Privilege

Relief for sufferers of PAM PTSD

Today’s hybrid-work environments have resulted in organizations with “desktops” that are a convoluted mix of physical, Citrix, RDS, VDI, and more running on-premises, and in the cloud. And somehow IT is expected to find a singular means to ensure every one of them remains updated that keeps the desktop secure, the user productive, and the system secure.

Since Windows is still Windows no matter where you go, how is this possible?

Join us on Wednesday, March 15th at 1pm ET as 4-time Microsoft MVP and CEO of Conversational Geek, Nick Cavalancia talks with 18-time Microsoft MVP Jeremy Moskowitz on managing Windows in today’s heterogeneous environment. Topics will include:

· The challenge of managing Windows when it’s everywhere in every flavor
· What aspects of the desktop and OS should be part of the desktop standard?
· How to achieve a singular Windows desktop management strategy regardless of where they reside

Optimizing Windows Desktop for Security and Simplicity

Parce que le système informatique de l`entreprise ne peut pas être réputé inviolable, il est nécessaire de se donner les moyens de réagir avant qu’une compromission n’atteigne les données et systèmes critiques.
 
Les analyses du secteur révèlent que les attaquants se cachent souvent dans les systèmes et réseaux d’entreprise pendant près d’un an avant d’être découverts, et plus il faut de temps pour repérer une menace, plus la violation des données qui en résulte peut être coûteuse.

Regardez notre webinaire et découvrez comment :

- Identifier dynamiquement les tentatives d’accès
- Protéger vos comptes à privilèges

Empêchez la violation de la sécurité en bloquant les accès malveillants

Is your legacy tool for endpoint privilege management EOL'ing soon? Are you looking for a cost-effective replacement that provides feature parity and maintains the security and compliance you've already implemented? Perhaps you're new to endpoint privilege management and seeking out a solution to your "local admin problem" once and for all. If you answered "yes" to any of these questions, you won't want to miss this webinar and product demonstration!
 
Privileged accounts with local or domain admin rights pose substantial security and compliance risk to your organisation's underlying information systems. These accounts in the hands of malicious actors can cause significant operational damage, including data theft, espionage, sabotage, ransom, or bypassing critical safety controls. Implementing the principle of least privilege across endpoints can mitigate these risks while optimizing operational efficiency.
 
Attend this webinar to see how Netwrix SbPAM and Netwrix PolicyPak Least Privilege Manager enable admins and standard users to complete privileged tasks securely. You'll also see how easy, fast, and cost-effective it is to transition away from legacy tools for endpoint privilege management that may soon reach its end of life!
 
During the webinar, you will learn how Netwrix SbPAM and Netwrix PolicyPak can help you:
·   Enforce least privilege functionality across Windows and Mac endpoints.
·   Prevent malware, ransomware, lateral movement, and unauthorised system changes.
·   Simplify how domain admins complete privileged tasks, which improves response times and mean time to resolution (MTTR).
·   Optimize performance and productivity without sacrificing security or compliance.
·   Replace legacy PAM tools without the headache

PAM Parity: Replacing Your Legacy Endpoint Privilege Management Solution Quickly

Business and technical end-users often require local admin rights to perform tasks or access applications. Adding standard users to the local administrator group may provide workers the permissions they need but creates significant security risk and may violate regulatory compliance. Microsoft’s Local Administrator Password Solution (LAPS) also creates risk, as bad actors can easily exploit temporary privileged access. Without the right balance of privilege and productivity, organizations are forced to sacrifice security for operational efficiency.

Fortunately, advanced endpoint privilege management technology provides organizations with the tools they need to securely elevate local admin rights on an as-needed basis. With advanced endpoint privilege management, domain administrators can elevate local admin rights for only the applications and processes end-users need. By elevating admin rights for specific applications and tasks, organizations can sustain organizational productivity without the risk of over-privileged users. Join Jeremy Moskowitz, 17X Microsoft MVP, for a demonstration of how this technology works and can be used to address common endpoint security and productivity challenges.

During this webinar you will learn how advanced endpoint privilege management technologies:
- Elevate admin rights for specific applications and processes across domain-joined, non-domain joined, MDM enrolled, and virtual environments
- Overcome the security risks associated with LAPS and local administrator groups
- Enable end-users to request elevated permissions on an as-needed basis
- Manage read, write and execute permissions for USB sticks and external storage drives.

Privilege vs Productivity: How to Elevate Local Admin Rights Securely

Está seguro de que ningún usuario ha comprometido información confidencial de su empresa? ¿Tiene controlada su red y los accesos a los datos?

Cada vez más organizaciones de cualquier tamaño y sector reconocen el valor de realizar periódicamente auditorías de TI, pero resulta ser un proceso laborioso y lento. Descubra cómo el software Netwrix Auditor puede aliviar su carga de auditoría y ayudarle a reducir su riesgo IT con bastante menos esfuerzo.

¿Quiere dormir tranquilo sabiendo que su negocio está seguro? Vea el nuestro seminario web para aprender cómo:  

- Auditar sus sistemas informáticos más importantes desde una única plataforma centralizada
- Proteger sus activos críticos para minimizar el riesgo de una exfiltración de datos
- Detectar las amenazas de seguridad de manera rápida y proactiva; y comprobar si sus controles de seguridad son efectivos
- Reducir su riesgo de IT al disponer de la información necesaria en segundos
- Superar las auditorías de cumplimiento normativo; ahorrando tiempo y dinero

Cómo evitar la fuga de información sensible de su empresa

A single improper change to an AD object can seriously damage both performance and security — so you need a solution that empowers you to quickly pinpoint and roll back those modifications. More broadly, you need to be able to spot suspicious behaviour in time to prevent costly breaches and downtime.

During the webinar, we’ll show you how you can:

Proactively identify and mitigate AD security gaps before attackers exploit them.
Promptly detect and contain even advanced threats.
Quickly recover from undesired changes and security incidents.

If the Breach Comes: Defend & Recover Your Active Directory

Join us for an in-depth look at the sophisticated tactics, techniques and procedures (TTPs) that attackers employ to compromise credentials and data.

In this 40-minute session, we explain and demonstrate all key phases of the cyber kill chain, including discovery, privilege escalation, lateral movement and persistence.

Detecting and Mitigating Active Directory Attacks

Le paysage des menaces évolue rapidement, avec des attaques devenant de plus en plus sophistiquées et couteuses pour les entreprises. Une seule modification inappropriée dans Active Directory peut gravement nuire aux performances et à la sécurité. Il est important d` être en mesure de repérer à temps les menaces avant leur manifestation afin d'éviter les brèches et la perte d'activité coûteuses.

Regardez notre webinaire pour découvrir comment vous pouvez :

- Identifier de manière proactive et atténuer les failles de sécurité AD avant que les attaquants ne les exploitent
- Détecter en temps réel les attaques, même les plus avancées
- Simplifier l`investigation et la récupération en cas d`incident
- Arrêter les incidents ultra rapidement pour éviter les dommages graves

Comment détecter les menaces pour AD en temps réel

The average time to detect a data breach is 207 days, according to the Cost of a Data Breach Report 2022 by IBM. When adversaries compromise your network, typically they don’t start acting right away; they keep a low profile to look around and identify the best ways to compromise your network. This malicious activity often includes making changes to system configuration files — changes that can be detected by file integrity monitoring (FIM).

Of course, legitimate activity like patching can also result in configuration changes, so to avoid alert fatigue, you need a FIM solution that can distinguish between planned and unplanned changes.

Watch this webinar to discover how to: 
- Minimise your attack surface area by establishing and maintaining secure configurations
- Spot early signs of cyber threats by analysing unexpected configuration changes
- Ensure compliance by implementing CIS controls and benchmarks

Combating Malware: Detect Configuration Changes Before It’s Too Late

Une bonne gestion des mots de passe est primordiale pour la sécurité et la santé du système informatique de l’entreprise indépendamment de la taille et du secteur d’activité.

Сependant, elle va au-delà du choix des mots de passes forts, et représente un défi majeur, vu la variété et les particularités des sources des données à accéder à tout moment, ainsi que le support nécessaire.

Est-il possible d’assurer la facilité d’usage des mots de passe avec moins d’efforts et des coûts, tout en éliminant une grande partie de la cyber fatigue au quotidien ?

Regardez notre webinaire pour découvrir comment :
- Définir et appliquer une politique des mots de passe sûre et la faire respecter facilement au quotidien
- Renforcer la posture de sécurité en toute simplicité
- Simplifier la vie des utilisateurs et des équipes informatiques, augmenter leur productivité

Et plus encore pour éviter le casse-tête des mots de passe !

Évitez le casse-tête des mots de passe [French]

Having a layered defense is of paramount importance because if one level of mitigation fails, another one takes over. The more layers of security present, the more resilience you have against multiple failures in strategy. Mitigations you can try and cut down on lateral movement include aggressive auditing, network segmentation, firewall rules, GPOs/Intune, PAM, user access control, and more.

LockDown 2022: Restricting Lateral Movement in Windows Desktop Environments

Active Directory (AD) quite literally holds the keys to the kingdom. If AD compromised, the security of everything connected to it is compromised as well.
 
Join Adam Rosen and Alex McCoy for an in-depth look at the sophisticated tactics, techniques and procedures (TTPs) that attackers employ to compromise credentials and data. We will explain and demonstrate all key phases of the cyber kill chain, including:
·   Discovery
·   Lateral movement
·   Privilege escalation
·   Persistence

Plus, you will learn how to detect and mitigate powerful TTPs, including LDAP reconnaissance, Pass-the-Hash, password extraction from NTDS.dit and more!

Data Security

Active Directory

Cyber Defence

Cyber Attacks

Security Strategy

Information Security

Cyber Crime

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Detecting and Mitigating Active Directory Attacks

Presented by

About this talk

More from this channel