Stopping Attacks at the Windows Endpoint: The Lockdown Efficacy

Presented by

Jeremy Moskowitz (CTO and Founder of PolicyPak, now part of Netwrix)

About this talk

No matter the type of attack or the initial attack vector, eventually threat actors need access to an endpoint to establish persistence and to serve as the launch point for any privilege escalation and lateral movement. And because every attacker’s capabilities are limited by the operating system they compromise, Windows remains a favorite target, with its’ many means of running code, traversing systems, and elevating privileges. A recent report showed that as many as 1 in 8 cyberattacks make it past security solutions and reach the endpoint, placing the battle for access to your environment squarely on your Windows’ endpoints. And while organizations like yours have endpoint solutions, not every solution provides the same levels of protection, making it necessary to take advantage of every means to secure the environment – which includes any native lockdown capabilities within Windows. So, just how well can native management solutions from Microsoft secure the Windows endpoint? In this Real Training for Free session, 4-time Microsoft MVP, Nick Cavalancia takes my seat as he first discusses: The reality of attacks reaching the endpoint Just how insecure is the default Windows endpoint? What MITRE has to say about the misuse of a compromised Windows endpoint Next up, you’ll hear from 18-time Microsoft MVP, Jeremy Moskowitz, as he covers the native limitations to consider when using Windows’ built-in policy management tools to secure the endpoint. Jeremy will also share practical strategies to address them. The session will focus on the limitations of the following native Windows endpoint management tools: - Local Administrator Password Service (LAPS) - USB GPO policy - Applocker - And more Jeremy will also discuss exploring alternative approaches and third-party solutions to optimize policy deployment.

Related topics:

More from this channel

Upcoming talks (1)
On-demand talks (47)
Subscribers (6021)
Netwrix empowers information security and governance professionals to identify and protect sensitive data to reduce the risk of a breach. Our solutions also limit the impact of attacks by helping IT teams detect, respond and recover from them faster and with less effort. Over 13,500 organizations worldwide rely on Netwrix solutions to strengthen their security and compliance posture across all three primary attack vectors: data, identity and infrastructure.