Protecting your critical system from new and unknown malware, 0-days, and APT with a Modern Defense using Device Guard and PowerShell


Saturday 06, January

In this session, you will learn how to protect your critical systems from new and unknown malware, 0-days, and APTs using Device Guard and PowerShell, in a way you can apply as soon as you get home.

 

With the relentless proliferation of compiled and script-based malware, trusting prevention and detection to antivirus solutions alone simply will not cut it. The only ideal method of effectively blocking binaries and scripts on a host is a robust whitelisting solution. Device Guard is one such solution, offered by Microsoft for Windows 10 and Server 2016, and if implemented properly it can eliminate an entire suite of attacks your organization may face. Additionally, the only interface for configuring Device Guard is PowerShell.

This talk will cover PowerShell-based configuration and deployment of a restrictive whitelisting policy, bypasses to the policy through exploitation of trusted applications, and mitigation strategies for effectively blocking such bypasses.

 

This session will be held by Matt Graeber. Matt is the Manager of Security Research with Veris Group's Adaptive Threat Division. As a security researcher, reverse engineer, and Microsoft CDM MVP, Matt specializes in the development of offensive and defensive PowerShell tools. He is the lead developer of PowerSploit, CIMSweep, and PowerShellArsenal.

 

Matt is known to be one of the brightest minds in the world within this field. Come and learn from one of the best how you can protect your critical systems. More from Matt at: https://twitter.com/mattifestation. Information about Device Guard: Device Guard

 

More information at: https://www.hackcon.org/aktiviteter/hackcon12.