Implementing a Least Privilege Management Framework on Windows and macOS Devices

Presented by

Jeremy Moskowitz (CTO and Founder of PolicyPak, now part of Netwrix)

About this talk

The crux of every cyberattack’s success or failure today is privileges – without them, the threat actor has no ability to execute anything, move laterally, infect endpoints, access data, or basically do anything remotely malicious.

While most of the time we all focus on administrative privileges to an endpoint, a server, or Active Directory, it’s critical to implement a state of least privilege – all the way down to your operating system and its applications.

Woe is the admin who hands out “local administrator rights” for any period of time, only to find out that the end user has done unmentionable things to the machine, reduced security or let the bad guys in. At the same time, we all also know that the organisation expects users to be productive and able to complete their job. So, there needs to be a happy medium – one where the cybersecurity objectives of the organisation are definitely met, while users can still get work done.

So, what should a least privilege management framework look like that meets both goals?

In this Real Training for Free webinar, 4-time Microsoft MVP, Nick Cavalancia, again takes my seat and first covers:

· Defining Least Privilege – going deeper than just “Admin”
· How cyberattacks have taken advantage of privileges – from admin to application
· How MITRE spells out some of the privilege types you should be including

Next up, Nick will be joined by 18-time Microsoft Windows Management MVP, Jeremy Moskowitz, who will discuss:

· Ways attackers take advantage of application and operating system privileges
· How implementing a least privilege framework can help prevent ransomware/malware, zero day attacks, and phishing-based attacks
· Pros and cons of native management tools like LAPS, AppLocker, LUA Buglight and Procmon
· Practical OS and application examples where least privilege can make endpoints more secure using the context of Group Policy and Microsoft Endpoint Manager

Netwrix empowers security professionals to face digital threats with confidence by enabling them to identify and protect sensitive data as well as to detect, respond to, and recover from attacks. More than 13,500 organizations across 100+ countries rely on Netwrix solutions to strengthen their security and compliance posture across all three primary attack vectors: data, identity, and infrastructure. By reducing the cybersecurity burden with Netwrix, organizations concentrate on advancing their cause while reducing cyber risk. For more information, visit