Implementing a Least Privilege Management Framework on Windows and macOS Devices

Presented by

Jeremy Moskowitz (CTO and Founder of PolicyPak, now part of Netwrix)

About this talk

The crux of every cyberattack’s success or failure today is privileges – without them, the threat actor has no ability to execute anything, move laterally, infect endpoints, access data, or basically do anything remotely malicious.  While most of the time we all focus on administrative privileges to an endpoint, a server, or Active Directory, it’s critical to implement a state of least privilege – all the way down to you operating system and its applications.   Woe is the admin who hands out “local administrator rights” for any period of time, only to find out that the end user has done unmentionable things to the machine, reduced security or let the bad guys in. At the same time, we all also know that the organisation expects users to be productive and able to complete their job. So, there needs to be a happy medium – one where the cybersecurity objectives of the organisation are definitely met, while users can still get work done.   So, what should a least privilege management framework look like that meets both goals?   In this Real Training for Free webinar, 4-time Microsoft MVP, Nick Cavalancia, again takes my seat and first covers:   · Defining Least Privilege – going deeper than just “Admin” · How cyberattacks have taken advantage of privileges – from admin to application · How MITRE spells out some of the privilege types you should be including   Next up, Nick will be joined by 18-time Microsoft Windows Management MVP, Jeremy Moskowitz who will discuss:   · Ways attackers take advantage of application and operating system privileges · How implementing a least privilege framework can help prevent ransomware/malware, zero day attacks, phishing-based attacks · Pros and cons of native management tools like LAPS, Applocker, LUAbuglight and Procmon · Practical OS and applications examples where least privilege can make endpoints more secure using the context of Group Policy and Microsoft Endpoint Manager

Related topics:

More from this channel

Upcoming talks (4)
On-demand talks (172)
Subscribers (5384)
Netwrix empowers information security and governance professionals to identify and protect sensitive data to reduce the risk of a breach. Our solutions also limit the impact of attacks by helping IT teams detect, respond and recover from them faster and with less effort. Over 13,000 organizations worldwide rely on Netwrix solutions to strengthen their security and compliance posture across all three primary attack vectors: data, identity and infrastructure.