SlideShare a Scribd company logo

Llunitebe2018 windows 10 security features

Kenny Buntinx
Kenny Buntinx

windows 10 security features by Kim Oppalfens and Tom Degreef

Technology
1 of 28
Download to read offline
#Scugbe #LLUniteBE #BEEMUG Windows 10 (Not your father’s Windows) Security Improvements TOM DEGREEF & KIM OPPALFENS
1 Year in the MVP Program EMS @tomdegreef, http://OSCC.BE Tom Degreef
Kim Oppalfens 13 Years in the MVP Program (SMS, SCCM, Enterprise Client Management, EMS) @thewmiguy, http://OSCC.BE
Agenda ▪ Application whitelisting in general ▪ Microsoft & Application whitelisting ▪ Implementing Application control ▪ Demo - Q&A T
Application whitelisting
Open vs closed devices K
Application whitelisting in general ▪ Protect against malicious code by only running trusted code ▪ Whitelist contains the rules that define trust T
National Institute of standards and technology “Use application whitelisting technologies built into the OS.” “Test in monitoring mode.” “Plan and deployment in a phased approach.” “analyze the environment in which application whitelisting will be running.” T
Application whitelisting benefits ▪ Protects against 99% of automated malware & ransomware attacks ▪ Enforces solid processes and security practices T&K
Microsoft Application whitelisting
Microsoft & Application whitelisting Applocker Appcontrol Device guard User targeted Device targeted Hardware protected by HVCI Exe, dll, cmd & bat Exe & DLL Requires UEFI Path based rules Accompanied by PowerShell constrained language Requires TPM Block store apps Runs in Kernel space Requires VBS Can Protect against administrator K
Application control advancements 1703 1709 1803 Managed installer Intelligent Security Graph New policy without reboot T
Defining trust – core rules • FileHash per binaryHash • Signing certificateLeafcert • Root cert in certificate chainPCA Cert • Original FilenameFilename T
Defining trust – PCA derivates • Verisign cert + Common name = MicrosoftPublisher • Publisher + Minimal Version Number Signed version • Publisher + Filename File Publisher K
The unsurmountable challenge of code signing Create your own cert without a PKI New-SelfSignedCertificate -Type CodeSigningCert ` -Subject 'Application control signing cert’ Sign a file using that cert Set-AuthenticodeSignature ` -Certificate((gci Cert:LocalMachineMy) | ` ? {$_.EnhancedKeyUsageList -like '*code signing*’ ` -and $_.Subject -like 'CN=Application control signing cert'}) ` -TimestampServer http://timestamp.digicert.com -HashAlgorithm sha256 ` -FilePath "file" K
Defining trust – Managed installer ▪ New since 1703 ▪ Makes files written to disk by Trusted process trusted ▪ Does nothing for files already on disk ▪ Can’t be enabled during staging T
Defining trust – intelligent security graph ▪ New in 1709 ▪ Trust list of known applications generated by Microsoft ▪ Non-Customizable, read: list is as good as it is T
Audit mode / monitoring mode ▪ NIST and our recommendation, audit mode first (FCS/GBV) ▪ Generates Events in Code Integrity event log – Client side ▪ 1 event per process/file per boot cycle T
Implementing Application Control
Implementation assumptions •Prevent automated attacksGoal •If app is trusted on one machine in the company it’s trusted everywhereTrust •Majority of apps is installed in a managed fashionManagement K
OSCC’s application control project kickoff Define scope Find POC department Analyze application types/needs Define catalog creating process Build Initial audit policy T
OSCC’s application control project assessment phase Collect audit results Remediate audit results Deploy audit policy K
OSCC’s application control project round-up Start enforcements for deployed systems Expand scope to more departments Sign policy? Start enforcement for new deployments T
Proposed base policy ▪ Microsoft Base policy ▪ Block Microsoft known bypasses ▪ Microsoft Publisher rule ▪ Define managed installers ▪ Audit-mode Enabled ▪ Add-signerrule (Leaf certificate) ▪ Optional: Add-signerrule store for business cert K
Common challenges ▪ Unsigned applications ▪ Self-Updating applications ▪ Temporary emergencies ▪ Inhouse developed apps T
Catalog creation T ▪ Packageinspector.exe start c: ▪ Copy source files ▪ Install application ▪ Packageinspector.exe stop –out cat –name application.cat ▪ Sign cat-file ▪ Copy cat-file to : ▪ C:WindowsSystem32catroot{F750E6C3-38EE-11D1-85E5-00C04FC295EE}
Generate trust from audit events ▪ Script to convert Audit entries to WMI ▪ Needs access to audited binaries ▪ Collect & Consolidate with SCCM ▪ Create rules based on consolidated list K
Thanks to our event sponsors Silver Platinum #Scugbe #LLUniteBE #BEEMUG

Recommended

Flight East 2018 Presentation–Black Duck at Docusign
Flight East 2018 Presentation–Black Duck at DocusignFlight East 2018 Presentation–Black Duck at Docusign
Flight East 2018 Presentation–Black Duck at DocusignSynopsys Software Integrity Group
 
Embracing the Rise of SecDevOps
Embracing the Rise of SecDevOpsEmbracing the Rise of SecDevOps
Embracing the Rise of SecDevOpsTom Cappetta
 
Flight East 2018 Presentation–A DevOps State of Mind: Continuous Security wit...
Flight East 2018 Presentation–A DevOps State of Mind: Continuous Security wit...Flight East 2018 Presentation–A DevOps State of Mind: Continuous Security wit...
Flight East 2018 Presentation–A DevOps State of Mind: Continuous Security wit...Synopsys Software Integrity Group
 
Flight East 2018 Presentation–Continuous Integration––An Overview
Flight East 2018 Presentation–Continuous Integration––An OverviewFlight East 2018 Presentation–Continuous Integration––An Overview
Flight East 2018 Presentation–Continuous Integration––An OverviewSynopsys Software Integrity Group
 
Why Serverless is scary without DevSecOps and Observability
Why Serverless is scary without DevSecOps and ObservabilityWhy Serverless is scary without DevSecOps and Observability
Why Serverless is scary without DevSecOps and ObservabilityEficode
 
Continuous and Visible Security Testing with BDD-Security
Continuous and Visible Security Testing with BDD-SecurityContinuous and Visible Security Testing with BDD-Security
Continuous and Visible Security Testing with BDD-SecurityStephen de Vries
 
Secure your Azure and DevOps in a smart way
Secure your Azure and DevOps in a smart waySecure your Azure and DevOps in a smart way
Secure your Azure and DevOps in a smart wayEficode
 
Efforts in Scaling Application Security Programs
Efforts in Scaling Application Security ProgramsEfforts in Scaling Application Security Programs
Efforts in Scaling Application Security ProgramsEric Fay
 

Recommended

Flight East 2018 Presentation–Black Duck at Docusign
Flight East 2018 Presentation–Black Duck at DocusignFlight East 2018 Presentation–Black Duck at Docusign
Flight East 2018 Presentation–Black Duck at DocusignSynopsys Software Integrity Group
 
Embracing the Rise of SecDevOps
Embracing the Rise of SecDevOpsEmbracing the Rise of SecDevOps
Embracing the Rise of SecDevOpsTom Cappetta
 
Flight East 2018 Presentation–A DevOps State of Mind: Continuous Security wit...
Flight East 2018 Presentation–A DevOps State of Mind: Continuous Security wit...Flight East 2018 Presentation–A DevOps State of Mind: Continuous Security wit...
Flight East 2018 Presentation–A DevOps State of Mind: Continuous Security wit...Synopsys Software Integrity Group
 
Flight East 2018 Presentation–Continuous Integration––An Overview
Flight East 2018 Presentation–Continuous Integration––An OverviewFlight East 2018 Presentation–Continuous Integration––An Overview
Flight East 2018 Presentation–Continuous Integration––An OverviewSynopsys Software Integrity Group
 
Why Serverless is scary without DevSecOps and Observability
Why Serverless is scary without DevSecOps and ObservabilityWhy Serverless is scary without DevSecOps and Observability
Why Serverless is scary without DevSecOps and ObservabilityEficode
 
Continuous and Visible Security Testing with BDD-Security
Continuous and Visible Security Testing with BDD-SecurityContinuous and Visible Security Testing with BDD-Security
Continuous and Visible Security Testing with BDD-SecurityStephen de Vries
 
Secure your Azure and DevOps in a smart way
Secure your Azure and DevOps in a smart waySecure your Azure and DevOps in a smart way
Secure your Azure and DevOps in a smart wayEficode
 
Efforts in Scaling Application Security Programs
Efforts in Scaling Application Security ProgramsEfforts in Scaling Application Security Programs
Efforts in Scaling Application Security ProgramsEric Fay
 
Integrating security into Continuous Delivery
Integrating security into Continuous DeliveryIntegrating security into Continuous Delivery
Integrating security into Continuous DeliveryTom Stiehm
 
Observability in highly distributed systems
Observability in highly distributed systemsObservability in highly distributed systems
Observability in highly distributed systemsDevOps Indonesia
 
Enforce compliance policy with model-driven automation
Enforce compliance policy with model-driven automationEnforce compliance policy with model-driven automation
Enforce compliance policy with model-driven automationPuppet
 
A Secure DevOps Journey
A Secure DevOps JourneyA Secure DevOps Journey
A Secure DevOps JourneyVeracode
 
Testing in a Continuous Delivery Pipeline - Better, Faster, Cheaper
Testing in a Continuous Delivery Pipeline - Better, Faster, CheaperTesting in a Continuous Delivery Pipeline - Better, Faster, Cheaper
Testing in a Continuous Delivery Pipeline - Better, Faster, CheaperGene Gotimer
 
Why Security Engineer Need Shift-Left to DevSecOps?
Why Security Engineer Need Shift-Left to DevSecOps?Why Security Engineer Need Shift-Left to DevSecOps?
Why Security Engineer Need Shift-Left to DevSecOps?Najib Radzuan
 
A Successful SAST Tool Implementation
A Successful SAST Tool ImplementationA Successful SAST Tool Implementation
A Successful SAST Tool ImplementationCheckmarx
 
Applying formal methods to existing software by B.Monate
Applying formal methods to existing software by B.MonateApplying formal methods to existing software by B.Monate
Applying formal methods to existing software by B.MonateMahaut Gouhier
 
8 Patterns For Continuous Code Security by Veracode CTO Chris Wysopal
8 Patterns For Continuous Code Security by Veracode CTO Chris Wysopal8 Patterns For Continuous Code Security by Veracode CTO Chris Wysopal
8 Patterns For Continuous Code Security by Veracode CTO Chris WysopalThreat Stack
 
Devops security-An Insight into Secure-SDLC
Devops security-An Insight into Secure-SDLCDevops security-An Insight into Secure-SDLC
Devops security-An Insight into Secure-SDLCSuman Sourav
 
Bringing Security Testing to Development: How to Enable Developers to Act as ...
Bringing Security Testing to Development: How to Enable Developers to Act as ...Bringing Security Testing to Development: How to Enable Developers to Act as ...
Bringing Security Testing to Development: How to Enable Developers to Act as ...Achim D. Brucker
 
Just Enough Threat Modeling
Just Enough Threat ModelingJust Enough Threat Modeling
Just Enough Threat ModelingStephen de Vries
 
DevSecOps: Putting the Sec into the DevOps
DevSecOps: Putting the Sec into the DevOpsDevSecOps: Putting the Sec into the DevOps
DevSecOps: Putting the Sec into the DevOpsshira koper
 
Types of Non Functional Testing
Types of Non Functional TestingTypes of Non Functional Testing
Types of Non Functional TestingiFour Technolab Pvt. Ltd.
 
José Vila - ¿Otro parche más? No, por favor. [rooted2018]
José Vila - ¿Otro parche más? No, por favor. [rooted2018]José Vila - ¿Otro parche más? No, por favor. [rooted2018]
José Vila - ¿Otro parche más? No, por favor. [rooted2018]RootedCON
 
FLIGHT WEST 2018 Presentation - Integrating Security into Your Development an...
FLIGHT WEST 2018 Presentation - Integrating Security into Your Development an...FLIGHT WEST 2018 Presentation - Integrating Security into Your Development an...
FLIGHT WEST 2018 Presentation - Integrating Security into Your Development an...Black Duck by Synopsys
 
Splitting The Check On Compliance and Security
Splitting The Check On Compliance and SecuritySplitting The Check On Compliance and Security
Splitting The Check On Compliance and SecurityNew Relic
 
DevOps
DevOpsDevOps
DevOpsJeremiah Tillman
 
Perforce on Tour 2015 - Grab Testing By the Horns and Move
Perforce on Tour 2015 - Grab Testing By the Horns and MovePerforce on Tour 2015 - Grab Testing By the Horns and Move
Perforce on Tour 2015 - Grab Testing By the Horns and MovePerforce
 
Pactera - App Security Assessment - Mobile, Web App, IoT - v2
Pactera - App Security Assessment - Mobile, Web App, IoT - v2Pactera - App Security Assessment - Mobile, Web App, IoT - v2
Pactera - App Security Assessment - Mobile, Web App, IoT - v2Kyle Lai
 
2011 NASA Open Source Summit - Forge.mil
2011 NASA Open Source Summit - Forge.mil2011 NASA Open Source Summit - Forge.mil
2011 NASA Open Source Summit - Forge.milNASA Open Government Initiative
 
Appium, Test-Driven Development, and Continuous Integration
Appium, Test-Driven Development, and Continuous IntegrationAppium, Test-Driven Development, and Continuous Integration
Appium, Test-Driven Development, and Continuous IntegrationTechWell
 

More Related Content

What's hot

Integrating security into Continuous Delivery
Integrating security into Continuous DeliveryIntegrating security into Continuous Delivery
Integrating security into Continuous DeliveryTom Stiehm
 
Observability in highly distributed systems
Observability in highly distributed systemsObservability in highly distributed systems
Observability in highly distributed systemsDevOps Indonesia
 
Enforce compliance policy with model-driven automation
Enforce compliance policy with model-driven automationEnforce compliance policy with model-driven automation
Enforce compliance policy with model-driven automationPuppet
 
A Secure DevOps Journey
A Secure DevOps JourneyA Secure DevOps Journey
A Secure DevOps JourneyVeracode
 
Testing in a Continuous Delivery Pipeline - Better, Faster, Cheaper
Testing in a Continuous Delivery Pipeline - Better, Faster, CheaperTesting in a Continuous Delivery Pipeline - Better, Faster, Cheaper
Testing in a Continuous Delivery Pipeline - Better, Faster, CheaperGene Gotimer
 
Why Security Engineer Need Shift-Left to DevSecOps?
Why Security Engineer Need Shift-Left to DevSecOps?Why Security Engineer Need Shift-Left to DevSecOps?
Why Security Engineer Need Shift-Left to DevSecOps?Najib Radzuan
 
A Successful SAST Tool Implementation
A Successful SAST Tool ImplementationA Successful SAST Tool Implementation
A Successful SAST Tool ImplementationCheckmarx
 
Applying formal methods to existing software by B.Monate
Applying formal methods to existing software by B.MonateApplying formal methods to existing software by B.Monate
Applying formal methods to existing software by B.MonateMahaut Gouhier
 
8 Patterns For Continuous Code Security by Veracode CTO Chris Wysopal
8 Patterns For Continuous Code Security by Veracode CTO Chris Wysopal8 Patterns For Continuous Code Security by Veracode CTO Chris Wysopal
8 Patterns For Continuous Code Security by Veracode CTO Chris WysopalThreat Stack
 
Devops security-An Insight into Secure-SDLC
Devops security-An Insight into Secure-SDLCDevops security-An Insight into Secure-SDLC
Devops security-An Insight into Secure-SDLCSuman Sourav
 
Bringing Security Testing to Development: How to Enable Developers to Act as ...
Bringing Security Testing to Development: How to Enable Developers to Act as ...Bringing Security Testing to Development: How to Enable Developers to Act as ...
Bringing Security Testing to Development: How to Enable Developers to Act as ...Achim D. Brucker
 
Just Enough Threat Modeling
Just Enough Threat ModelingJust Enough Threat Modeling
Just Enough Threat ModelingStephen de Vries
 
DevSecOps: Putting the Sec into the DevOps
DevSecOps: Putting the Sec into the DevOpsDevSecOps: Putting the Sec into the DevOps
DevSecOps: Putting the Sec into the DevOpsshira koper
 
José Vila - ¿Otro parche más? No, por favor. [rooted2018]
José Vila - ¿Otro parche más? No, por favor. [rooted2018]José Vila - ¿Otro parche más? No, por favor. [rooted2018]
José Vila - ¿Otro parche más? No, por favor. [rooted2018]RootedCON
 
FLIGHT WEST 2018 Presentation - Integrating Security into Your Development an...
FLIGHT WEST 2018 Presentation - Integrating Security into Your Development an...FLIGHT WEST 2018 Presentation - Integrating Security into Your Development an...
FLIGHT WEST 2018 Presentation - Integrating Security into Your Development an...Black Duck by Synopsys
 
Splitting The Check On Compliance and Security
Splitting The Check On Compliance and SecuritySplitting The Check On Compliance and Security
Splitting The Check On Compliance and SecurityNew Relic
 
Perforce on Tour 2015 - Grab Testing By the Horns and Move
Perforce on Tour 2015 - Grab Testing By the Horns and MovePerforce on Tour 2015 - Grab Testing By the Horns and Move
Perforce on Tour 2015 - Grab Testing By the Horns and MovePerforce
 
Pactera - App Security Assessment - Mobile, Web App, IoT - v2
Pactera - App Security Assessment - Mobile, Web App, IoT - v2Pactera - App Security Assessment - Mobile, Web App, IoT - v2
Pactera - App Security Assessment - Mobile, Web App, IoT - v2Kyle Lai
 

What's hot (20)

Integrating security into Continuous Delivery
Integrating security into Continuous DeliveryIntegrating security into Continuous Delivery
Integrating security into Continuous Delivery
 
Observability in highly distributed systems
Observability in highly distributed systemsObservability in highly distributed systems
Observability in highly distributed systems
 
Enforce compliance policy with model-driven automation
Enforce compliance policy with model-driven automationEnforce compliance policy with model-driven automation
Enforce compliance policy with model-driven automation
 
A Secure DevOps Journey
A Secure DevOps JourneyA Secure DevOps Journey
A Secure DevOps Journey
 
Testing in a Continuous Delivery Pipeline - Better, Faster, Cheaper
Testing in a Continuous Delivery Pipeline - Better, Faster, CheaperTesting in a Continuous Delivery Pipeline - Better, Faster, Cheaper
Testing in a Continuous Delivery Pipeline - Better, Faster, Cheaper
 
Why Security Engineer Need Shift-Left to DevSecOps?
Why Security Engineer Need Shift-Left to DevSecOps?Why Security Engineer Need Shift-Left to DevSecOps?
Why Security Engineer Need Shift-Left to DevSecOps?
 
A Successful SAST Tool Implementation
A Successful SAST Tool ImplementationA Successful SAST Tool Implementation
A Successful SAST Tool Implementation
 
Applying formal methods to existing software by B.Monate
Applying formal methods to existing software by B.MonateApplying formal methods to existing software by B.Monate
Applying formal methods to existing software by B.Monate
 
8 Patterns For Continuous Code Security by Veracode CTO Chris Wysopal
8 Patterns For Continuous Code Security by Veracode CTO Chris Wysopal8 Patterns For Continuous Code Security by Veracode CTO Chris Wysopal
8 Patterns For Continuous Code Security by Veracode CTO Chris Wysopal
 
Devops security-An Insight into Secure-SDLC
Devops security-An Insight into Secure-SDLCDevops security-An Insight into Secure-SDLC
Devops security-An Insight into Secure-SDLC
 
Bringing Security Testing to Development: How to Enable Developers to Act as ...
Bringing Security Testing to Development: How to Enable Developers to Act as ...Bringing Security Testing to Development: How to Enable Developers to Act as ...
Bringing Security Testing to Development: How to Enable Developers to Act as ...
 
Just Enough Threat Modeling
Just Enough Threat ModelingJust Enough Threat Modeling
Just Enough Threat Modeling
 
DevSecOps: Putting the Sec into the DevOps
DevSecOps: Putting the Sec into the DevOpsDevSecOps: Putting the Sec into the DevOps
DevSecOps: Putting the Sec into the DevOps
 
Types of Non Functional Testing
Types of Non Functional TestingTypes of Non Functional Testing
Types of Non Functional Testing
 
José Vila - ¿Otro parche más? No, por favor. [rooted2018]
José Vila - ¿Otro parche más? No, por favor. [rooted2018]José Vila - ¿Otro parche más? No, por favor. [rooted2018]
José Vila - ¿Otro parche más? No, por favor. [rooted2018]
 
FLIGHT WEST 2018 Presentation - Integrating Security into Your Development an...
FLIGHT WEST 2018 Presentation - Integrating Security into Your Development an...FLIGHT WEST 2018 Presentation - Integrating Security into Your Development an...
FLIGHT WEST 2018 Presentation - Integrating Security into Your Development an...
 
Splitting The Check On Compliance and Security
Splitting The Check On Compliance and SecuritySplitting The Check On Compliance and Security
Splitting The Check On Compliance and Security
 
DevOps
DevOpsDevOps
DevOps
 
Perforce on Tour 2015 - Grab Testing By the Horns and Move
Perforce on Tour 2015 - Grab Testing By the Horns and MovePerforce on Tour 2015 - Grab Testing By the Horns and Move
Perforce on Tour 2015 - Grab Testing By the Horns and Move
 
Pactera - App Security Assessment - Mobile, Web App, IoT - v2
Pactera - App Security Assessment - Mobile, Web App, IoT - v2Pactera - App Security Assessment - Mobile, Web App, IoT - v2
Pactera - App Security Assessment - Mobile, Web App, IoT - v2
 

Similar to Llunitebe2018 windows 10 security features

Appium, Test-Driven Development, and Continuous Integration
Appium, Test-Driven Development, and Continuous IntegrationAppium, Test-Driven Development, and Continuous Integration
Appium, Test-Driven Development, and Continuous IntegrationTechWell
 
case analysis 2.1.docxby Urusha PandeySubmission date 2.docx
case analysis 2.1.docxby Urusha PandeySubmission date 2.docxcase analysis 2.1.docxby Urusha PandeySubmission date 2.docx
case analysis 2.1.docxby Urusha PandeySubmission date 2.docxcowinhelen
 
How to go from waterfall app dev to secure agile development in 2 weeks
How to go from waterfall app dev to secure agile development in 2 weeks How to go from waterfall app dev to secure agile development in 2 weeks
How to go from waterfall app dev to secure agile development in 2 weeks Ulf Mattsson
 
Cncf checkov and bridgecrew
Cncf checkov and bridgecrewCncf checkov and bridgecrew
Cncf checkov and bridgecrewLibbySchulze
 
IBM i Application Lifecycle Management with Remain Software
IBM i Application Lifecycle Management with Remain SoftwareIBM i Application Lifecycle Management with Remain Software
IBM i Application Lifecycle Management with Remain SoftwareRemain Software
 
Zero-bug Software, Mathematically Guaranteed
Zero-bug Software, Mathematically GuaranteedZero-bug Software, Mathematically Guaranteed
Zero-bug Software, Mathematically GuaranteedAshley Zupkus
 
AWS live hack: Atlassian + Snyk OSS on AWS
AWS live hack: Atlassian + Snyk OSS on AWSAWS live hack: Atlassian + Snyk OSS on AWS
AWS live hack: Atlassian + Snyk OSS on AWSEric Smalling
 
Succeeding-Marriage-Cybersecurity-DevOps final
Succeeding-Marriage-Cybersecurity-DevOps finalSucceeding-Marriage-Cybersecurity-DevOps final
Succeeding-Marriage-Cybersecurity-DevOps finalrkadayam
 
Introduction to the Microsoft Security Development Lifecycle (SDL).ppsx
Introduction to the Microsoft Security Development Lifecycle (SDL).ppsxIntroduction to the Microsoft Security Development Lifecycle (SDL).ppsx
Introduction to the Microsoft Security Development Lifecycle (SDL).ppsxMardhaniAR
 
Building an Open Source AppSec Pipeline - 2015 Texas Linux Fest
Building an Open Source AppSec Pipeline - 2015 Texas Linux FestBuilding an Open Source AppSec Pipeline - 2015 Texas Linux Fest
Building an Open Source AppSec Pipeline - 2015 Texas Linux FestMatt Tesauro
 
ApExchange Security Review and Compliance
ApExchange Security Review and ComplianceApExchange Security Review and Compliance
ApExchange Security Review and ComplianceCEPTES Software Inc
 
Experts Live Europe 2017 - Windows 10 Servicing - the do’s and don'ts
Experts Live Europe 2017 - Windows 10 Servicing - the do’s and don'tsExperts Live Europe 2017 - Windows 10 Servicing - the do’s and don'ts
Experts Live Europe 2017 - Windows 10 Servicing - the do’s and don'tsAlexander Benoit
 
Frank Cohen - Are We Ready For Cloud Testing - EuroSTAR 2010
Frank Cohen - Are We Ready For Cloud Testing - EuroSTAR 2010Frank Cohen - Are We Ready For Cloud Testing - EuroSTAR 2010
Frank Cohen - Are We Ready For Cloud Testing - EuroSTAR 2010TEST Huddle
 
Software Security in the Real World w/Kelsey Hightower
Software Security in the Real World w/Kelsey HightowerSoftware Security in the Real World w/Kelsey Hightower
Software Security in the Real World w/Kelsey HightowerAnchore
 
Reduce Third Party Developer Risks
Reduce Third Party Developer RisksReduce Third Party Developer Risks
Reduce Third Party Developer RisksKevo Meehan
 
The road towards better automotive cybersecurity
The road towards better automotive cybersecurityThe road towards better automotive cybersecurity
The road towards better automotive cybersecurityRogue Wave Software
 
Automated Testing Using Selenium
Automated Testing Using SeleniumAutomated Testing Using Selenium
Automated Testing Using SeleniumTechWell
 
IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future IBM
 

Similar to Llunitebe2018 windows 10 security features (20)

2011 NASA Open Source Summit - Forge.mil
2011 NASA Open Source Summit - Forge.mil2011 NASA Open Source Summit - Forge.mil
2011 NASA Open Source Summit - Forge.mil
 
Appium, Test-Driven Development, and Continuous Integration
Appium, Test-Driven Development, and Continuous IntegrationAppium, Test-Driven Development, and Continuous Integration
Appium, Test-Driven Development, and Continuous Integration
 
case analysis 2.1.docxby Urusha PandeySubmission date 2.docx
case analysis 2.1.docxby Urusha PandeySubmission date 2.docxcase analysis 2.1.docxby Urusha PandeySubmission date 2.docx
case analysis 2.1.docxby Urusha PandeySubmission date 2.docx
 
How to go from waterfall app dev to secure agile development in 2 weeks
How to go from waterfall app dev to secure agile development in 2 weeks How to go from waterfall app dev to secure agile development in 2 weeks
How to go from waterfall app dev to secure agile development in 2 weeks
 
Cncf checkov and bridgecrew
Cncf checkov and bridgecrewCncf checkov and bridgecrew
Cncf checkov and bridgecrew
 
IBM i Application Lifecycle Management with Remain Software
IBM i Application Lifecycle Management with Remain SoftwareIBM i Application Lifecycle Management with Remain Software
IBM i Application Lifecycle Management with Remain Software
 
Zero-bug Software, Mathematically Guaranteed
Zero-bug Software, Mathematically GuaranteedZero-bug Software, Mathematically Guaranteed
Zero-bug Software, Mathematically Guaranteed
 
AWS live hack: Atlassian + Snyk OSS on AWS
AWS live hack: Atlassian + Snyk OSS on AWSAWS live hack: Atlassian + Snyk OSS on AWS
AWS live hack: Atlassian + Snyk OSS on AWS
 
Succeeding-Marriage-Cybersecurity-DevOps final
Succeeding-Marriage-Cybersecurity-DevOps finalSucceeding-Marriage-Cybersecurity-DevOps final
Succeeding-Marriage-Cybersecurity-DevOps final
 
Introduction to the Microsoft Security Development Lifecycle (SDL).ppsx
Introduction to the Microsoft Security Development Lifecycle (SDL).ppsxIntroduction to the Microsoft Security Development Lifecycle (SDL).ppsx
Introduction to the Microsoft Security Development Lifecycle (SDL).ppsx
 
Building an Open Source AppSec Pipeline - 2015 Texas Linux Fest
Building an Open Source AppSec Pipeline - 2015 Texas Linux FestBuilding an Open Source AppSec Pipeline - 2015 Texas Linux Fest
Building an Open Source AppSec Pipeline - 2015 Texas Linux Fest
 
How to Add Perfecto to Your CI
How to Add Perfecto to Your CIHow to Add Perfecto to Your CI
How to Add Perfecto to Your CI
 
ApExchange Security Review and Compliance
ApExchange Security Review and ComplianceApExchange Security Review and Compliance
ApExchange Security Review and Compliance
 
Experts Live Europe 2017 - Windows 10 Servicing - the do’s and don'ts
Experts Live Europe 2017 - Windows 10 Servicing - the do’s and don'tsExperts Live Europe 2017 - Windows 10 Servicing - the do’s and don'ts
Experts Live Europe 2017 - Windows 10 Servicing - the do’s and don'ts
 
Frank Cohen - Are We Ready For Cloud Testing - EuroSTAR 2010
Frank Cohen - Are We Ready For Cloud Testing - EuroSTAR 2010Frank Cohen - Are We Ready For Cloud Testing - EuroSTAR 2010
Frank Cohen - Are We Ready For Cloud Testing - EuroSTAR 2010
 
Software Security in the Real World w/Kelsey Hightower
Software Security in the Real World w/Kelsey HightowerSoftware Security in the Real World w/Kelsey Hightower
Software Security in the Real World w/Kelsey Hightower
 
Reduce Third Party Developer Risks
Reduce Third Party Developer RisksReduce Third Party Developer Risks
Reduce Third Party Developer Risks
 
The road towards better automotive cybersecurity
The road towards better automotive cybersecurityThe road towards better automotive cybersecurity
The road towards better automotive cybersecurity
 
Automated Testing Using Selenium
Automated Testing Using SeleniumAutomated Testing Using Selenium
Automated Testing Using Selenium
 
IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future
 

More from Kenny Buntinx

Llunitebe2018 configuring a cmg in config mgr cb
Llunitebe2018 configuring a cmg in config mgr cbLlunitebe2018 configuring a cmg in config mgr cb
Llunitebe2018 configuring a cmg in config mgr cbKenny Buntinx
 
Llunitebe2018 best of_two_worlds-manage.your.servers.the.azure.or.configmgr.way
Llunitebe2018 best of_two_worlds-manage.your.servers.the.azure.or.configmgr.wayLlunitebe2018 best of_two_worlds-manage.your.servers.the.azure.or.configmgr.way
Llunitebe2018 best of_two_worlds-manage.your.servers.the.azure.or.configmgr.wayKenny Buntinx
 
Llunitebe2018 worst config mgr cb mistakes
Llunitebe2018 worst config mgr cb mistakesLlunitebe2018 worst config mgr cb mistakes
Llunitebe2018 worst config mgr cb mistakesKenny Buntinx
 
Llunitebe2018 ten practical tips to secure your corporate data with microsoft...
Llunitebe2018 ten practical tips to secure your corporate data with microsoft...Llunitebe2018 ten practical tips to secure your corporate data with microsoft...
Llunitebe2018 ten practical tips to secure your corporate data with microsoft...Kenny Buntinx
 
Llunitebe2018 rdmi in practice
Llunitebe2018 rdmi in practiceLlunitebe2018 rdmi in practice
Llunitebe2018 rdmi in practiceKenny Buntinx
 
Llunitebe2018 implement modern management as like brewing a beer
Llunitebe2018 implement modern management as like brewing a beerLlunitebe2018 implement modern management as like brewing a beer
Llunitebe2018 implement modern management as like brewing a beerKenny Buntinx
 
SCUGBE_Lowlands_Unite_2017_1E tachyon
SCUGBE_Lowlands_Unite_2017_1E tachyonSCUGBE_Lowlands_Unite_2017_1E tachyon
SCUGBE_Lowlands_Unite_2017_1E tachyonKenny Buntinx
 
SCUGBE_Lowlands_Unite_2017_Rest azured microsoft cloud demystified
SCUGBE_Lowlands_Unite_2017_Rest azured microsoft cloud demystifiedSCUGBE_Lowlands_Unite_2017_Rest azured microsoft cloud demystified
SCUGBE_Lowlands_Unite_2017_Rest azured microsoft cloud demystifiedKenny Buntinx
 
SCUGBE_Lowlands_Unite_2017_Protecting cloud identities
SCUGBE_Lowlands_Unite_2017_Protecting cloud identitiesSCUGBE_Lowlands_Unite_2017_Protecting cloud identities
SCUGBE_Lowlands_Unite_2017_Protecting cloud identitiesKenny Buntinx
 
SCUGBE_Lowlands_Unite_2017_Managing Windows Containers with Docker
SCUGBE_Lowlands_Unite_2017_Managing Windows Containers with DockerSCUGBE_Lowlands_Unite_2017_Managing Windows Containers with Docker
SCUGBE_Lowlands_Unite_2017_Managing Windows Containers with DockerKenny Buntinx
 
SCUGBE_Lowlands_Unite_2017_Servicing your new Windows workplace like a boss.
SCUGBE_Lowlands_Unite_2017_Servicing your new Windows workplace like a boss.SCUGBE_Lowlands_Unite_2017_Servicing your new Windows workplace like a boss.
SCUGBE_Lowlands_Unite_2017_Servicing your new Windows workplace like a boss.Kenny Buntinx
 
SCUGBE_Lowlands_Unite_2017_Ransomware vs. SysAdmin
SCUGBE_Lowlands_Unite_2017_Ransomware vs. SysAdminSCUGBE_Lowlands_Unite_2017_Ransomware vs. SysAdmin
SCUGBE_Lowlands_Unite_2017_Ransomware vs. SysAdminKenny Buntinx
 
SCUGBE_Lowlands_Unite_2017_How to manage office 2016 on today’s clients
SCUGBE_Lowlands_Unite_2017_How to manage office 2016 on today’s clientsSCUGBE_Lowlands_Unite_2017_How to manage office 2016 on today’s clients
SCUGBE_Lowlands_Unite_2017_How to manage office 2016 on today’s clientsKenny Buntinx
 
SCUGBE_Lowlands_Unite_2017_Achieving productivity without an on premises infr...
SCUGBE_Lowlands_Unite_2017_Achieving productivity without an on premises infr...SCUGBE_Lowlands_Unite_2017_Achieving productivity without an on premises infr...
SCUGBE_Lowlands_Unite_2017_Achieving productivity without an on premises infr...Kenny Buntinx
 
ECMDay2015 - Kim Oppalfens – Microsoft System Center Configuration Manager: H...
ECMDay2015 - Kim Oppalfens – Microsoft System Center Configuration Manager: H...ECMDay2015 - Kim Oppalfens – Microsoft System Center Configuration Manager: H...
ECMDay2015 - Kim Oppalfens – Microsoft System Center Configuration Manager: H...Kenny Buntinx
 
ECMDay2015 - Nico Sienaert – Enterprise Mobility Suite – What it’s all about?
ECMDay2015 - Nico Sienaert – Enterprise Mobility Suite – What it’s all about?ECMDay2015 - Nico Sienaert – Enterprise Mobility Suite – What it’s all about?
ECMDay2015 - Nico Sienaert – Enterprise Mobility Suite – What it’s all about?Kenny Buntinx
 
ECMDay2015 - Kent Agerlund – Configuration Manager 2012 – A Site Review
ECMDay2015 - Kent Agerlund – Configuration Manager 2012 – A Site ReviewECMDay2015 - Kent Agerlund – Configuration Manager 2012 – A Site Review
ECMDay2015 - Kent Agerlund – Configuration Manager 2012 – A Site ReviewKenny Buntinx
 
ECMDay2015 - Kenny Buntinx - Tim De Keukelaere - Armoring your mobile workfor...
ECMDay2015 - Kenny Buntinx - Tim De Keukelaere - Armoring your mobile workfor...ECMDay2015 - Kenny Buntinx - Tim De Keukelaere - Armoring your mobile workfor...
ECMDay2015 - Kenny Buntinx - Tim De Keukelaere - Armoring your mobile workfor...Kenny Buntinx
 
ECMDay2015 - Kenny Buntinx - Tim De Keukelaere - Keynote
ECMDay2015 - Kenny Buntinx - Tim De Keukelaere - KeynoteECMDay2015 - Kenny Buntinx - Tim De Keukelaere - Keynote
ECMDay2015 - Kenny Buntinx - Tim De Keukelaere - KeynoteKenny Buntinx
 
ECMDay2015 - Peter Daalmans – Master your Mac OS X Operating System with Conf...
ECMDay2015 - Peter Daalmans – Master your Mac OS X Operating System with Conf...ECMDay2015 - Peter Daalmans – Master your Mac OS X Operating System with Conf...
ECMDay2015 - Peter Daalmans – Master your Mac OS X Operating System with Conf...Kenny Buntinx
 

More from Kenny Buntinx (20)

Llunitebe2018 configuring a cmg in config mgr cb
Llunitebe2018 configuring a cmg in config mgr cbLlunitebe2018 configuring a cmg in config mgr cb
Llunitebe2018 configuring a cmg in config mgr cb
 
Llunitebe2018 best of_two_worlds-manage.your.servers.the.azure.or.configmgr.way
Llunitebe2018 best of_two_worlds-manage.your.servers.the.azure.or.configmgr.wayLlunitebe2018 best of_two_worlds-manage.your.servers.the.azure.or.configmgr.way
Llunitebe2018 best of_two_worlds-manage.your.servers.the.azure.or.configmgr.way
 
Llunitebe2018 worst config mgr cb mistakes
Llunitebe2018 worst config mgr cb mistakesLlunitebe2018 worst config mgr cb mistakes
Llunitebe2018 worst config mgr cb mistakes
 
Llunitebe2018 ten practical tips to secure your corporate data with microsoft...
Llunitebe2018 ten practical tips to secure your corporate data with microsoft...Llunitebe2018 ten practical tips to secure your corporate data with microsoft...
Llunitebe2018 ten practical tips to secure your corporate data with microsoft...
 
Llunitebe2018 rdmi in practice
Llunitebe2018 rdmi in practiceLlunitebe2018 rdmi in practice
Llunitebe2018 rdmi in practice
 
Llunitebe2018 implement modern management as like brewing a beer
Llunitebe2018 implement modern management as like brewing a beerLlunitebe2018 implement modern management as like brewing a beer
Llunitebe2018 implement modern management as like brewing a beer
 
SCUGBE_Lowlands_Unite_2017_1E tachyon
SCUGBE_Lowlands_Unite_2017_1E tachyonSCUGBE_Lowlands_Unite_2017_1E tachyon
SCUGBE_Lowlands_Unite_2017_1E tachyon
 
SCUGBE_Lowlands_Unite_2017_Rest azured microsoft cloud demystified
SCUGBE_Lowlands_Unite_2017_Rest azured microsoft cloud demystifiedSCUGBE_Lowlands_Unite_2017_Rest azured microsoft cloud demystified
SCUGBE_Lowlands_Unite_2017_Rest azured microsoft cloud demystified
 
SCUGBE_Lowlands_Unite_2017_Protecting cloud identities
SCUGBE_Lowlands_Unite_2017_Protecting cloud identitiesSCUGBE_Lowlands_Unite_2017_Protecting cloud identities
SCUGBE_Lowlands_Unite_2017_Protecting cloud identities
 
SCUGBE_Lowlands_Unite_2017_Managing Windows Containers with Docker
SCUGBE_Lowlands_Unite_2017_Managing Windows Containers with DockerSCUGBE_Lowlands_Unite_2017_Managing Windows Containers with Docker
SCUGBE_Lowlands_Unite_2017_Managing Windows Containers with Docker
 
SCUGBE_Lowlands_Unite_2017_Servicing your new Windows workplace like a boss.
SCUGBE_Lowlands_Unite_2017_Servicing your new Windows workplace like a boss.SCUGBE_Lowlands_Unite_2017_Servicing your new Windows workplace like a boss.
SCUGBE_Lowlands_Unite_2017_Servicing your new Windows workplace like a boss.
 
SCUGBE_Lowlands_Unite_2017_Ransomware vs. SysAdmin
SCUGBE_Lowlands_Unite_2017_Ransomware vs. SysAdminSCUGBE_Lowlands_Unite_2017_Ransomware vs. SysAdmin
SCUGBE_Lowlands_Unite_2017_Ransomware vs. SysAdmin
 
SCUGBE_Lowlands_Unite_2017_How to manage office 2016 on today’s clients
SCUGBE_Lowlands_Unite_2017_How to manage office 2016 on today’s clientsSCUGBE_Lowlands_Unite_2017_How to manage office 2016 on today’s clients
SCUGBE_Lowlands_Unite_2017_How to manage office 2016 on today’s clients
 
SCUGBE_Lowlands_Unite_2017_Achieving productivity without an on premises infr...
SCUGBE_Lowlands_Unite_2017_Achieving productivity without an on premises infr...SCUGBE_Lowlands_Unite_2017_Achieving productivity without an on premises infr...
SCUGBE_Lowlands_Unite_2017_Achieving productivity without an on premises infr...
 
ECMDay2015 - Kim Oppalfens – Microsoft System Center Configuration Manager: H...
ECMDay2015 - Kim Oppalfens – Microsoft System Center Configuration Manager: H...ECMDay2015 - Kim Oppalfens – Microsoft System Center Configuration Manager: H...
ECMDay2015 - Kim Oppalfens – Microsoft System Center Configuration Manager: H...
 
ECMDay2015 - Nico Sienaert – Enterprise Mobility Suite – What it’s all about?
ECMDay2015 - Nico Sienaert – Enterprise Mobility Suite – What it’s all about?ECMDay2015 - Nico Sienaert – Enterprise Mobility Suite – What it’s all about?
ECMDay2015 - Nico Sienaert – Enterprise Mobility Suite – What it’s all about?
 
ECMDay2015 - Kent Agerlund – Configuration Manager 2012 – A Site Review
ECMDay2015 - Kent Agerlund – Configuration Manager 2012 – A Site ReviewECMDay2015 - Kent Agerlund – Configuration Manager 2012 – A Site Review
ECMDay2015 - Kent Agerlund – Configuration Manager 2012 – A Site Review
 
ECMDay2015 - Kenny Buntinx - Tim De Keukelaere - Armoring your mobile workfor...
ECMDay2015 - Kenny Buntinx - Tim De Keukelaere - Armoring your mobile workfor...ECMDay2015 - Kenny Buntinx - Tim De Keukelaere - Armoring your mobile workfor...
ECMDay2015 - Kenny Buntinx - Tim De Keukelaere - Armoring your mobile workfor...
 
ECMDay2015 - Kenny Buntinx - Tim De Keukelaere - Keynote
ECMDay2015 - Kenny Buntinx - Tim De Keukelaere - KeynoteECMDay2015 - Kenny Buntinx - Tim De Keukelaere - Keynote
ECMDay2015 - Kenny Buntinx - Tim De Keukelaere - Keynote
 
ECMDay2015 - Peter Daalmans – Master your Mac OS X Operating System with Conf...
ECMDay2015 - Peter Daalmans – Master your Mac OS X Operating System with Conf...ECMDay2015 - Peter Daalmans – Master your Mac OS X Operating System with Conf...
ECMDay2015 - Peter Daalmans – Master your Mac OS X Operating System with Conf...
 

Recently uploaded

Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxnull - The Open Security Community
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsHyundai Motor Group
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Hyundai Motor Group
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 

Recently uploaded (20)

Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 

Llunitebe2018 windows 10 security features

  • 1. #Scugbe #LLUniteBE #BEEMUG Windows 10 (Not your father’s Windows) Security Improvements TOM DEGREEF & KIM OPPALFENS
  • 2. 1 Year in the MVP Program EMS @tomdegreef, http://OSCC.BE Tom Degreef
  • 3. Kim Oppalfens 13 Years in the MVP Program (SMS, SCCM, Enterprise Client Management, EMS) @thewmiguy, http://OSCC.BE
  • 4. Agenda ▪ Application whitelisting in general ▪ Microsoft & Application whitelisting ▪ Implementing Application control ▪ Demo - Q&A T
  • 6. Open vs closed devices K
  • 7. Application whitelisting in general ▪ Protect against malicious code by only running trusted code ▪ Whitelist contains the rules that define trust T
  • 8. National Institute of standards and technology “Use application whitelisting technologies built into the OS.” “Test in monitoring mode.” “Plan and deployment in a phased approach.” “analyze the environment in which application whitelisting will be running.” T
  • 9. Application whitelisting benefits ▪ Protects against 99% of automated malware & ransomware attacks ▪ Enforces solid processes and security practices T&K
  • 11. Microsoft & Application whitelisting Applocker Appcontrol Device guard User targeted Device targeted Hardware protected by HVCI Exe, dll, cmd & bat Exe & DLL Requires UEFI Path based rules Accompanied by PowerShell constrained language Requires TPM Block store apps Runs in Kernel space Requires VBS Can Protect against administrator K
  • 12. Application control advancements 1703 1709 1803 Managed installer Intelligent Security Graph New policy without reboot T
  • 13. Defining trust – core rules • FileHash per binaryHash • Signing certificateLeafcert • Root cert in certificate chainPCA Cert • Original FilenameFilename T
  • 14. Defining trust – PCA derivates • Verisign cert + Common name = MicrosoftPublisher • Publisher + Minimal Version Number Signed version • Publisher + Filename File Publisher K
  • 15. The unsurmountable challenge of code signing Create your own cert without a PKI New-SelfSignedCertificate -Type CodeSigningCert ` -Subject 'Application control signing cert’ Sign a file using that cert Set-AuthenticodeSignature ` -Certificate((gci Cert:LocalMachineMy) | ` ? {$_.EnhancedKeyUsageList -like '*code signing*’ ` -and $_.Subject -like 'CN=Application control signing cert'}) ` -TimestampServer http://timestamp.digicert.com -HashAlgorithm sha256 ` -FilePath "file" K
  • 16. Defining trust – Managed installer ▪ New since 1703 ▪ Makes files written to disk by Trusted process trusted ▪ Does nothing for files already on disk ▪ Can’t be enabled during staging T
  • 17. Defining trust – intelligent security graph ▪ New in 1709 ▪ Trust list of known applications generated by Microsoft ▪ Non-Customizable, read: list is as good as it is T
  • 18. Audit mode / monitoring mode ▪ NIST and our recommendation, audit mode first (FCS/GBV) ▪ Generates Events in Code Integrity event log – Client side ▪ 1 event per process/file per boot cycle T
  • 20. Implementation assumptions •Prevent automated attacksGoal •If app is trusted on one machine in the company it’s trusted everywhereTrust •Majority of apps is installed in a managed fashionManagement K
  • 21. OSCC’s application control project kickoff Define scope Find POC department Analyze application types/needs Define catalog creating process Build Initial audit policy T
  • 22. OSCC’s application control project assessment phase Collect audit results Remediate audit results Deploy audit policy K
  • 23. OSCC’s application control project round-up Start enforcements for deployed systems Expand scope to more departments Sign policy? Start enforcement for new deployments T
  • 24. Proposed base policy ▪ Microsoft Base policy ▪ Block Microsoft known bypasses ▪ Microsoft Publisher rule ▪ Define managed installers ▪ Audit-mode Enabled ▪ Add-signerrule (Leaf certificate) ▪ Optional: Add-signerrule store for business cert K
  • 25. Common challenges ▪ Unsigned applications ▪ Self-Updating applications ▪ Temporary emergencies ▪ Inhouse developed apps T
  • 26. Catalog creation T ▪ Packageinspector.exe start c: ▪ Copy source files ▪ Install application ▪ Packageinspector.exe stop –out cat –name application.cat ▪ Sign cat-file ▪ Copy cat-file to : ▪ C:WindowsSystem32catroot{F750E6C3-38EE-11D1-85E5-00C04FC295EE}
  • 27. Generate trust from audit events ▪ Script to convert Audit entries to WMI ▪ Needs access to audited binaries ▪ Collect & Consolidate with SCCM ▪ Create rules based on consolidated list K
  • 28. Thanks to our event sponsors Silver Platinum #Scugbe #LLUniteBE #BEEMUG