What started as a sleepy technology for efficiently configuring 1000s of Windows desktops and servers, has now become a gold mine for attackers looking to expose your security posture and leverage your GPOs as “malware delivery vehicles”.
In this session, Darren Mar-Elia (the “GPOGUY”) will summarize the nearly 4 years of research he’s done on the various ways attackers are exploiting GP. More importantly, he will break down the key steps you can take to defend your Group Policy environment, and therefore your Windows environment, from abuse.
During this workshop, we’ll demonstrate:
-How attackers use Group Policy for reconnaissance
-How attackers use Group Policy as a vector for malware
-How you can configure your AD and GPOs to prevent abuse
-Best practices for managing Group Policy with security in mind
A 14-year Cloud and Datacenter Microsoft MVP, Darren Mar-Elia has a wealth of experience in Identity and Access Management and was the CTO and founder of SDM software, a provider of Microsoft systems management solutions. Prior to launching SDM, Darren held senior infrastructure architecture roles in Fortune 500 companies and was also the CTO of Quest Software. As a Microsoft MVP, Darren has contributed to numerous publications on Windows networks, Active Directory and Group Policy, and was a Contributing Editor for Windows IT Pro Magazine for 20 years.
[CPE Credits] You are eligible for CPE Credits at some professional associations. Upon viewing the entire webinar, download your Viewing Certificate from BrightTALK.