Name: If the Breach Comes: Defend and Recover Your Active Directory
Start: 2023-02-22T18:00:00Z
End: 2023-02-22T18:58:37.000Z
Location: BrightTALK
Rating: 0

Netwrix empowers information security and governance professionals to identify and protect sensitive data to reduce the risk of a breach. Our solutions also limit the impact of attacks by helping IT teams detect, respond and recover from them faster and with less effort. Over 13,000 organizations worldwide rely on Netwrix solutions to strengthen their security and compliance posture across all three primary attack vectors: data, identity and infrastructure.

Is your legacy tool for endpoint privilege management EOL'ing soon? Are you looking for a cost-effective replacement that provides feature parity and maintains the security and compliance you've already implemented? Perhaps you're new to endpoint privilege management and seeking out a solution to your "local admin problem" once and for all. If you answered "yes" to any of these questions, you won't want to miss this webinar and product demonstration!
 
Privileged accounts with local or domain admin rights pose substantial security and compliance risk to your organisation's underlying information systems. These accounts in the hands of malicious actors can cause significant operational damage, including data theft, espionage, sabotage, ransom, or bypassing critical safety controls. Implementing the principle of least privilege across endpoints can mitigate these risks while optimizing operational efficiency.
 
Attend this webinar to see how Netwrix SbPAM and Netwrix PolicyPak Least Privilege Manager enable admins and standard users to complete privileged tasks securely. You'll also see how easy, fast, and cost-effective it is to transition away from legacy tools for endpoint privilege management that may soon reach its end of life!
 
During the webinar, you will learn how Netwrix SbPAM and Netwrix PolicyPak can help you:
·   Enforce least privilege functionality across Windows and Mac endpoints.
·   Prevent malware, ransomware, lateral movement, and unauthorised system changes.
·   Simplify how domain admins complete privileged tasks, which improves response times and mean time to resolution (MTTR).
·   Optimize performance and productivity without sacrificing security or compliance.
·   Replace legacy PAM tools without the headache

PAM Parity: Replacing Your Legacy Endpoint Privilege Management Solution Quickly

Business and technical end-users often require local admin rights to perform tasks or access applications. Adding standard users to the local administrator group may provide workers the permissions they need but creates significant security risk and may violate regulatory compliance. Microsoft’s Local Administrator Password Solution (LAPS) also creates risk, as bad actors can easily exploit temporary privileged access. Without the right balance of privilege and productivity, organizations are forced to sacrifice security for operational efficiency.

Fortunately, advanced endpoint privilege management technology provides organizations with the tools they need to securely elevate local admin rights on an as-needed basis. With advanced endpoint privilege management, domain administrators can elevate local admin rights for only the applications and processes end-users need. By elevating admin rights for specific applications and tasks, organizations can sustain organizational productivity without the risk of over-privileged users. Join Jeremy Moskowitz, 17X Microsoft MVP, for a demonstration of how this technology works and can be used to address common endpoint security and productivity challenges.

During this webinar you will learn how advanced endpoint privilege management technologies:
- Elevate admin rights for specific applications and processes across domain-joined, non-domain joined, MDM enrolled, and virtual environments
- Overcome the security risks associated with LAPS and local administrator groups
- Enable end-users to request elevated permissions on an as-needed basis
- Manage read, write and execute permissions for USB sticks and external storage drives.

Privilege vs Productivity: How to Elevate Local Admin Rights Securely

The crux of every cyberattack’s success or failure today is privileges – without them, the threat actor has no ability to execute anything, move laterally, infect endpoints, access data, or basically do anything remotely malicious.  While most of the time we all focus on administrative privileges to an endpoint, a server, or Active Directory, it’s critical to implement a state of least privilege – all the way down to you operating system and its applications.
 
Woe is the admin who hands out “local administrator rights” for any period of time, only to find out that the end user has done unmentionable things to the machine, reduced security or let the bad guys in.
At the same time, we all also know that the organisation expects users to be productive and able to complete their job. So, there needs to be a happy medium – one where the cybersecurity objectives of the organisation are definitely met, while users can still get work done.
 
So, what should a least privilege management framework look like that meets both goals?
 
In this Real Training for Free webinar, 4-time Microsoft MVP, Nick Cavalancia, again takes my seat and first covers:
 
· Defining Least Privilege – going deeper than just “Admin”
· How cyberattacks have taken advantage of privileges – from admin to application
· How MITRE spells out some of the privilege types you should be including
 
Next up, Nick will be joined by 18-time Microsoft Windows Management MVP, Jeremy Moskowitz who will discuss:
 
· Ways attackers take advantage of application and operating system privileges
· How implementing a least privilege framework can help prevent ransomware/malware, zero day attacks, phishing-based attacks
· Pros and cons of native management tools like LAPS, Applocker, LUAbuglight and Procmon
· Practical OS and applications examples where least privilege can make endpoints more secure using the context of Group Policy and Microsoft Endpoint Manager

Implementing a Least Privilege Management Framework on Windows and macOS Devices

Le paysage des menaces évolue rapidement, avec des attaques devenant de plus en plus sophistiquées et couteuses pour les entreprises. Une seule modification inappropriée dans Active Directory peut gravement nuire aux performances et à la sécurité. Il est important d` être en mesure de repérer à temps les menaces avant leur manifestation afin d'éviter les brèches et la perte d'activité coûteuses.

Regardez notre webinaire pour découvrir comment vous pouvez :

- Identifier de manière proactive et atténuer les failles de sécurité AD avant que les attaquants ne les exploitent
- Détecter en temps réel les attaques, même les plus avancées
- Simplifier l`investigation et la récupération en cas d`incident
- Arrêter les incidents ultra rapidement pour éviter les dommages graves

Comment détecter les menaces pour AD en temps réel

Une bonne gestion des mots de passe est primordiale pour la sécurité et la santé du système informatique de l’entreprise indépendamment de la taille et du secteur d’activité.

Сependant, elle va au-delà du choix des mots de passes forts, et représente un défi majeur, vu la variété et les particularités des sources des données à accéder à tout moment, ainsi que le support nécessaire.

Est-il possible d’assurer la facilité d’usage des mots de passe avec moins d’efforts et des coûts, tout en éliminant une grande partie de la cyber fatigue au quotidien ?

Regardez notre webinaire pour découvrir comment :
- Définir et appliquer une politique des mots de passe sûre et la faire respecter facilement au quotidien
- Renforcer la posture de sécurité en toute simplicité
- Simplifier la vie des utilisateurs et des équipes informatiques, augmenter leur productivité

Et plus encore pour éviter le casse-tête des mots de passe !

Évitez le casse-tête des mots de passe [French]

Having a layered defense is of paramount importance because if one level of mitigation fails, another one takes over. The more layers of security present, the more resilience you have against multiple failures in strategy. Mitigations you can try and cut down on lateral movement include aggressive auditing, network segmentation, firewall rules, GPOs/Intune, PAM, user access control, and more.

LockDown 2022: Restricting Lateral Movement in Windows Desktop Environments

Learn strategies and tactics for preventing ransomware attacks and managing attacks "if" they occur.

LockDown 2022: Ransomware: Before, During, and After an Attack

Get an MEM/Intune overview and see the community critiques. Learn what MEM/Intune is good for and see some demos live in action!

LockDown 2022: No Intune No problem Alternatives to modernize & manage endpoints

Learn how to get out of the local admin rights business, stop ransomware and unknown software in its tracks, and handle USB/CD-ROM threats with ease. You'll also see how easy it is to manage and secure remote and hybrid workers, automate everything (and anything) and unlock Windows Management capabilities you never thought possible.

LockDown 2022: Endpoint Management Lockdown w/ PolicyPak: GPO, Intune, & Cloud

It’s no secret that cyberattacks need a foothold within your organization. And given Microsoft holds that an attacker sits undetected on your network for a median of 146 days, there has to be a reason beyond “they just such an amazing hacker.” In reality, there are plenty of ways your Windows desktops actually **help** the bad guy continue their malicious activities that result in stolen data, encrypted systems, and compromised environments. 

So, how are threat actors taking advantage of your Windows desktops, and what should you do to stop them?

In this lively webcast, join Microsoft MVP, Nick Cavalancia, as he discusses:

• Why threat actors love Windows endpoints
• 3 examples of how endpoints are used within a cyberattack to the benefit of the threat actor
• Ways you can lockdown your desktops to reduce the attack surface and thwart malicious actions

LockDown 2022: 3 Ways Desktops are a Threat Actors Best Friend & What You Can Do

Learn about critical windows endpoint actions for 2022!

LockDown 2022: Critical Windows Endpoint Actions for 2022

Microsoft Endpoint Manager and Autopilot are critical tools for managing and securing IT resources, but utilizing these tools in a hybrid environment creates new risks and challenges. Join Microsoft MVP, Shabaz Darr, for best practices on managing and securing Hybrid resources with Microsoft Endpoint Manager and Autopilot.

During this webinar, you will learn:
- Why Autopilot is key
- How Microsoft Endpoint Manager can help 
- Policies, profiles, Windows Update for Business, ConfigMgr
- Importance of AzureAD
- Use cases
- And more!

Implementing Microsoft Endpoint Manager and Autopilot in a Hybrid World

Penetration testing looks for several types of vulnerabilities, including social engineering, misconfigurations, open ports, encryption flaws, and more. The purpose of these tests is to help you identify and remediate issues that put your organization at risk.

Join Paula Januszkiewicz for a PolicyPak LockDown session that focuses on Penetration testing best practices. During her presentation and demo, she’ll explain what type of vulnerabilities penetration tests look for and demonstrate live penetration tests, tips, and tricks.

How to Survive Your Penetration Test and Help Your Whole Company

Ransomware is one of the most common yet dangerous types of malware. In today’s remote-work environment, blocking and preventing malware like ransomware becomes even more difficult. Fortunately, 16X Microsoft MVP and Least Privilege management expert Jeremy Moskowitz is here to demonstrate how you can protect your environment in any windows environment.

Join Jeremy Moskowitz, 16X Microsoft MVP, and Enterprise Mobility Extradranoire for a PolicyPak LockDown session that reviews a real ransomware case study and recommendations on preventing in the future. Throughout his talk, Jeremy will review topics like:
- How ransomware attackers get in
- Least privilege management best practices
- Remediation tactics
- Prevention tips

How Not to Get Hacked: Recommendations from an Actual Ransomware Attacker

Always On VPN provides a single, cohesive solution for remote access. In the age of remote work, it’s critical that users have access that supports domain-joined, nondomain-joined (workgroup), or Azure AD–joined devices, even personally owned devices. Problem is, delivering policies and settings in these scenarios is more challenging than you think!

Join Richard Hicks, Always-On VPN guru, and former Microsoft MVP, for an exclusive webinar that focuses on Always-On VPN Best Practices and how you can use PolicyPak to extend your policy delivering power. Throughout the talk, Richard will show you the evolution from Direct Access to Always-on VPN and how administrators can leverage its capabilities to increase efficiency and accelerate productivity.

Always-on VPN 101

See what's new with Intune for Windows 10 & 11, brought to you by the Product Management Team!

LockDown 2022: Using Intune to Manage Windows 10 & 11: From Product Management!

Remote work and work-from-home present new risks as the security perimeter gets harder to manage. Now administrators must manage security for users in domain-joined, non-domain joined, and MDM-based environments, all with different access requirements, while still maintaining similar security and compliance levels.

Watch Sami Laiho, Microsoft MVP and world-leading Windows security expert, for a PolicyPak LockDown session that will genuinely help you LOCKDOWN your Windows environment. During his session, Sami Laiho tackles the top 10 Security Settings, which you can implement NOW to block attackers as users work from home.

10 Work From Home Security Settings You Can Implement Now to Block Attackers

There is so much that can go wrong with your AD, either unintentionally or maliciously. Admins can make crucial mistakes when creating, removing or modifying user accounts, security groups and Group Policy, and of course Active Directory is a top target for attackers because it provides the keys to your IT kingdom.
Indeed, a single improper change to an AD object can seriously damage both performance and security — so you need a solution that empowers you to quickly pinpoint and roll back those modifications. More broadly, you need to be able to spot suspicious behavior in time to prevent costly breaches and downtime.

Join this webinar and discover how to secure your AD from end to end. We’ll show you how you can:
- Proactively identify and mitigate AD security gaps before attackers exploit them. 
- Promptly detect and contain even advanced threats.
- Quickly recover from undesired changes and security incidents.

If the Breach Comes: Defend and Recover Your Active Directory

Active Directory

Data Security

Data Recovery

Information Security

IT Security

Cyber Security

Data Breach

Cyber Crime

Cyber Attacks

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

If the Breach Comes: Defend and Recover Your Active Directory

Presented by

About this talk

More from this channel