The great cyber security expert Sami Laiho returned as a keynote speaker with the theme of Zero Trust, but this time from the point of view of securing endpoint applications.
Sami Laiho is an internationally renowned and recognized specialist in access rights and endpoint security. In this webinar, Laiho and Centero's Juha Haapsaari discussed the Zero Trust model and securing endpoint applications – even in environments of over 100,000 workstations.
These are some of the themes we covered:
• How to ease your workload with allow-listing.
• Is allow-listing difficult? (A hint: it is not.)
• Implementing AppLocker to trim down your application portfolio.
• Restricting admin rights to control your IT environment.
• Managing and updating applications after allow-listing operations.
Zero Trust is a new paradigm for cyber security in organizations. Modern IT environments are complex by nature, and both users and devices are constantly on the move. Traditional methods are not sufficient to properly secure this kind of environment, and that’s where Zero Trust comes in.
Identity and Access Management Playbook CISO Platform 2016 Aujas
Checklist Playbook for CISO, CSO and Information Risk & Security Managers to plan and implement a successful IAM (Identity and Access Management) program. It covers Access Governance and Identity Administration, Single Sign On (SSO), Privileged Identity Management, and more.
Cybersecurity Insiders Webinar - Zero Trust: Best Practices for Securing the... Ivanti
The instantaneous shift from a centralized to distributed workforce is creating an imperative for implementing new operational and security frameworks. Zero trust is emerging as the mandated InfoSec policy to address these new security priorities.
Watch the webinar to:
• Understand the zero trust framework and the technical approaches you can take based on your IT architecture
• Determine your path forward for securing and modernizing network access without replacing your existing investments
• Learn how passwordless MFA and anti-phishing capabilities can better secure users and data
• Discover how endpoint management is evolving to address vulnerabilities using AI/ML
View this webinar, hosted by Cybersecurity Insiders, now.
This deck gives you an overview of the zero trust security posture, considerations you should have while looking to adopt that posture, and the advantages of doing so.
Threat Modeling is a structured activity for identifying and managing threats to objects (such as applications).
Threat Modeling – also called Architectural Risk Analysis – is an essential step in the development of your application.
Without it, your protection is a shot in the dark.
Cyber Security Awareness Session for Executives and Non-IT professionals Krishna Srikanth Manda
Cyber Security Awareness Session conducted by Lightracers Consulting, for Management and non-IT employees. In this learning presentation, we will look at - What is Cyber Crime, Types of Cyber crime, What is Cyber Security, Types of Threats, Social Engineering techniques, Identifying legitimate and secure websites, Protection measures, Cyber Law in India followed by a small quiz.
Everyone is talking about or asking for red teaming. Most of them are getting it wrong. I talk about the history and definitions of red teaming, what you should be doing before you bother with red teaming and critical issues to watch out for when you do leverage it.
Presentation on Zero Trust model, used for the Codecademy Manipal Chapter event. Covers basic information about the Zero trust model, implementation, and benefits.
Cybersecurity roadmap: Global healthcare security architecture Priyanka Aash
Using NIST cybersecurity framework, one of the largest healthcare IT firms in the US developed the global security architecture and roadmap addressing security gaps by architecture domain and common security capability. This session will discuss the architecture framework, capability matrix, the architecture development methodology and key deliverables.
(Source : RSA Conference USA 2017)
“Are we secure?” It’s the most dreaded question that information security and risk management professionals need to answer. Compliance is a useful starting point, but the number of “compliant” organizations who still suffered a data breach is proof positive that compliance simply isn’t enough. That’s where maturity models come into play. In this presentation, I’ll show you how to apply a capability maturity model (CMM) to your identity and access management (IAM) program, using that model to assess where you are today. I’ll also share tools and techniques you can use to accelerate improvements to your program.
Zero trust for everybody: 3 ways to get there fast Cloudflare
The COVID-19 pandemic has exposed the weaknesses of the traditional ‘castle-and-moat’ security model. Remote work has expanded attack surfaces infinitely outwards, and more than ever, organizations need to start from the assumption that their ‘castle’ is already compromised. Zero Trust has emerged as a compelling security framework to address the failures of existing perimeter-based security approaches. It’s aspirational, but not unachievable.
At Cloudflare, we’re making complicated security challenges easier to solve. Since 2018, Cloudflare Access has helped thousands of organizations big and small take their first steps toward Zero Trust.
In this presentation, Cloudflare will share their perspective on what the most successful organizations do first on their journey to Zero Trust.
We’ll cover:
-The Zero Trust framework, and our recommended ZT security model
-How 3 organizations of differing size and security maturity have implemented Zero Trust access
-Cloudflare’s Zero Trust implementation and lessons learned
Understanding Your Attack Surface and Detecting & Mitigating External Threats Ulf Mattsson
Understanding Your Attack Surface and Detecting & Mitigating External Threats
Description: Organizations have spent massive amounts of money to protect the perimeter of their networks, but if your business exists on the internet, there really is no perimeter. In this presentation, we'll discuss Digital Footprints in understanding your company’s external attack surface. We will discuss social, mobile, web attacks and analyze and review lessons learned from recently publicized attacks (Polish banking institutions, Apache Struts Vulnerability or WannaCry ransomware). The speed of business and cybercrime isn't slowing down, so how can you be prepared to address and defend against these types of threats? Attend our session to find out how.
Reducing Your Digital Attack Surface and Mitigating External Threats - What, Why, How:
What is a Digital Footprint?
Breakdown of External Threats (Social, Mobile, Web)
What are blended attacks?
What is actually being targeted at your company?
How are your brands, customers, and employees being attacked outside of your company?
How to become proactive in threat monitoring on the internet?
Considerations in External Threat solutions
Threat correspondence tracking considerations
Are legal cease and desist letters adequate in stopping attacks?
Examination of a phishing attack campaign
How phishing kits work
Analysis and lessons learned from recently published attacks
What are the most important capabilities in a digital risk monitoring solution?
Introduction to the possibilities for integrating with Dynamics 365 CE / PowerApps Platform. Talks about Flow, Logic Apps and Azure Integration Services (Service Bus).
This session will take you on a journey through a real-world scenario of an Office 365 tenant-to-tenant content migration encompassing SharePoint Online site collections, Office 365 Groups, OneDrive For Business and Office 365 Video, with an aggressive timeline and deadline, for a global retail organisation.
We will cover:
- Examining the pitfalls of migrating to a new Office 365 tenant
- Introducing new standards for consistent structure
- Phases of project and how they determined what each phase would involve
- Highlighting technical difficulties encountered and how they were overcome
Deep dive into Microsoft Purview Data Loss Prevention Drew Madelung
Are you protecting your data at rest and in transit?
In this session we will go through all the different types of DLP in Microsoft Purview including endpoint, Exchange, Teams, SharePoint, OneDrive, and more. We will discuss the configuration options, why it is important, and the best practices to get started while going through a collection of demos.
You will leave this session with a deeper understanding of the technology and how it can impact your employees' experience.
Automating with PowerShell - a favorite amongst security teams and hackers alike. Many modern attacks leverage PowerShell to evade antivirus, whitelisting, and other security products and technology.
This presentation will share ways a SIEM can detect modern PowerShell attacks. Techniques discussed include quick wins and more detailed practices, addressing false positives and high volumes of PowerShell logs. Take a deeper dive into PowerShell monitoring and advanced endpoint analytics with SANS Instructors Justin Henderson and Tim Garcia.
In this webinar you’ll gain the insights you need to solve business problems proactively with IT Service (ITSM) and IT Asset Management (ITAM) working together.
Our panel of speakers will discuss real-world use cases where combining ITSM and ITAM processes, data and insights can be part of an overall plan to maximize operational efficiencies and improve service delivery, while also optimizing compliance and cost.
Identity and Access Management (IAM): Benefits and Best Practices Veritis Group, Inc
Identity and Access Management (IAM) enables more cost-effective and efficient access management, authentication, identity management, and governance across your enterprise.
Read more on how IAM benefits your business and best practices for an effective IAM implementation.
Read more: https://www.veritis.com/solutions/identity-and-access-management-services/
Some of the most famous information breaches over the past few years have been a result of entry through embedded and IoT system environments. Often these breaches are a result of unexpected system architecture and service connectivity on the network that allows the hacker to enter through an embedded device and make their way to the financial or corporate servers. Experts in embedded security discuss key security issues for embedded systems and how to address them.
IBM i is securable BUT not secured by default. To help protect your organization from the increasing security threats, you must take control of all access points to your IBM i server. You can limit IBM i security threats by routinely assessing your risks and taking control of logon security, powerful authorities, and system access.
With the right tools and process, you can assure comprehensive control of unauthorized access and can trace any activity, suspicious or otherwise, on your IBM i systems.
Watch this on-demand webcast to learn:
• How to secure network access and communication ports
• How to implement different authentication options and tradeoffs
• How to limit the number of privileged user accounts
• How Precisely’s Assure Security can help
Application security meetup k8_s security with zero trust_29072021 lior mazor
The "K8S security with Zero Trust" Meetup is about K8s posture management and runtime protection, ways to secure your software supply chain, managing attack surface reduction, and how to secure K8s with Zero Trust.
How to go from waterfall app dev to secure agile development in 2 weeks Ulf Mattsson
Waterfall is based on the concept of sequential software development—from conception to ongoing maintenance—where each of the many steps flowed logically into the next.
Join this webinar presentation to learn:
- Why DevOps cannot effectively work in waterfall
- How to use DevOps tools to optimize processes in either development or operations through automation
We will also discuss what is needed to support full DevOps.
Controlling Access to IBM i Systems and Data Precisely
Security best practice and regulations such as SOX, HIPAA, GDPR and others require you to restrict access to your critical IBM i systems and their data, but this is easier said than done. Legacy, proprietary access protocols now co-exist with new, open-source protocols to create access control headaches.
View this webcast on-demand for an in-depth discussion of IBM i access points that must be secured and how exit points can be leveraged to accomplish the task. We’ll cover:
• Securing network access and communication ports
• How database access via open-source protocols can be secured
• Taking control of command execution
Expand Your Control of Access to IBM i Systems and Data Precisely
Controlling all the ways your company’s data is being accessed, especially given the proliferation of open source software and other non-traditional data-access methods, is critical to ensuring security and regulatory compliance. This webinar reviews the different ways your data can be accessed, discusses how exit points work and how they can be managed, and why a global data access control strategy is especially important to efficiently protect sensitive data against unwanted access.
Topics include:
• IBM i access methods and risks
• Using exit programs to block traditional and modern access methods
• Real life examples and perspectives
BlackHat Presentation - Lies and Damn Lies: Getting past the Hype of Endpoint... Mike Spaulding
Signatures are dead! We need to focus on machine learning, artificial intelligence, math models, lions, tigers and bears, Oh My!! - STOP!! - How many times have we heard all these buzzwords at conferences, or our managers saying that solution X will solve all our problems. I don't know about you, but I was tired of listening to the hype and the over-use of these terms that really made no sense.
One thing is true, signatures are dead. Today's malware is created with obfuscation and deception and our opponents do not play fair. Do you blame them? They want to get in. Who needs to rob a bank anymore at gunpoint when the security door is left open and traps are easy to bypass? Thank you PowerShell! So what's the answer? Is it Next Generation AV or EDR, or is it Security 101? Over the past 5 months, we have invested significant time building a business case for an Endpoint protection system - understanding the problem, creating testing scenarios to evaluate 5 solutions in the market. Over 30,000 pieces of malware were put to the test from our internal private collection, as well as known and unknown samples freely available. With all of the marketing hype, brochureware and buzzwords, it's hard to know what's the real deal. As we talk to colleagues from other companies, one thing is clear, many still struggle with good testing methodologies, what malware to test and how to test their endpoint security.
We will discuss key considerations used in our decision-making process. Testing malware for our company was important, but it was not our only testing criteria. We looked at the ease of installation on the agent, use of their UI, SaaS, on-prem, hybrid, reporting, performance of agent using different system resources, how much the agent relied on their cloud intelligence compared to on-box performance, PowerShell scenarios, and a variety of other factors. Companies additionally need to take into consideration the cost of any potential new infrastructure, cost per seat, professional services, one off costs, 1, 2, 3 year terms and other factors. Ultimately, we want to extend our resources to help others in the industry and discuss key differences between the solutions that were evaluated.
Business applications like ERP, CRM, SRM, and others are one of the major topics of information security as these applications store business-critical data and any vulnerability in them can cause a significant monetary and reputational loss or even stoppage of business.
There are several myths about Business Applications Security such as:
Myth 1: Business Applications are available only internally.
Myth 2: ERP security is a vendors' problem.
Myth 3: Business Application internals are very specific and unknown to hackers.
Myth 4: ERP security is all about Segregation Of Duties.
Our findings explode these myths.
Kill Administrator: Fighting Back Against Admin Rights ScriptLogic
We’re not talking about killing the Administrator. That would be you, and that would be wrong. Rather, it’s time we eliminated the role of Administrator from our Windows servers and desktops.
Administrator privileges are Windows’ necessary evil. Why? Standard Windows user rights just aren’t powerful enough to accomplish many needed tasks, so users demand elevated rights for everything. That’s the problem with Administrator: You either have it or you don’t.
With a new approach to delegating administrative privileges, you can granularly elevate privileges in applications and the operating system. Windows itself has such a solution in its built-in AppLocker functionality. AppLocker is a good tool to whitelist apps you’ve approved to run, but it isn’t without its shortfalls.
Join Concentrated Technology’s Greg Shields and ScriptLogic’s Nick Calavancia as they compare the AppLocker approach with ScriptLogic’s Privilege Authority product. You’ll find that finding the right balance requires the right set of tools.
In this webinar, we will cover:
1. Getting to least privilege – killing admin rights
2. Administrative granularity – balancing lockdown with productivity
3. Lockdown rules that work
Cyber security series administrative control breaches Jim Kaplan CIA CFE
This webinar series is designed to help internal auditors looking to equip themselves with the competencies and confidence to handle audits of IT controls and information security, and to learn about emerging technologies and their underlying risks.
The series focuses on contemporary IT audit approaches relevant to Internal Auditors and the processes underlying risk based IT audits.
Session 8 of 10
This Webinar focuses on Administrative Control Breaches
• Security Administration
• Purpose of Security Tools
• Examples of Security Tools
• Security Incident Manager (SIM)
• Problems with Security Administration
• Improving Administration
In the ever-evolving, fast-paced Agile development world, application security has not scaled well. Incorporating application security and testing into the current development process is difficult, leading to incomplete tooling or unorthodox stoppages due to the required manual security assessments. Development teams are working with a backlog of stories—stories that are typically focused on features and functionality instead of security. Traditionally, security was viewed as a prevention of progress, but there are ways to incorporate security activities without hindering development. There are many types of security activities you can bake into your current development lifecycles—tooling, assessments, stories, scrums, iterative reviews, repo and bug tracking integrations—every organization has a unique solution and there are positives and negatives to each of them. In this slide deck, we go through the various solutions to help build security into the development process.
Efficiencies in RPA with UiPath and CyberArk Technologies - Session 2 DianaGray10
In this session, we will discuss the efficiencies you can find using UiPath and CyberArk technologies.
Topics covered:
Efficiencies with UiPath and CyberArk
Maturing your automation program
Implementing security controls for automation
Scalability
Automate privileged access
o Protecting privileged credentials
Similar to Zero Trust And Best Practices for Securing Endpoint Apps on May 24th 2021 (20)
Taistelu mobiililaitteiden uhkia vastaan alkakoonTeemu Tiainen
Pidimme 22.11.2018 webinaariin, jossa pohdimme, miksi mobiilin tietoturvaan tulisi suhtautua jopa vakavammin, kuin lukittujen ympäristöjen päätelaitteiden suojaukseen.
Yrityksen arkaluonteisia tietoja sisältäviä mobiililaitteita on määrällisesti enemmän liikenteessä kuin firman läppäreitä. Kännykkä on äärimmäisen helppo saalis pitkäkyntisille ja suojaamattomana se suorastaan tyrkyttää itseään tietovuodon välineeksi.
Monen ammattilaisen taskussa kulkevat työsähköpostien ja liitetiedostojen ohessa yrityksen CRM-järjestelmät ja muut tietosuojan alaiset informaatiosisällöt. Suojaamaton mobiililaite on varmasti helpoin saatavilla oleva väline tietomurtoon ja yrityksen maineen tahraamiseen.
Mobiililaitteita koskevat nykypäivänä aivan saman kalliiksi tulevien tietomurtojen uhat kuin työasemiakin.
Mobiililaitteiden tietoturva on helposti ratkaistavissa oleva tietoturvariski. Usein ratkaisuksi riittää hallintajärjestelmä, jolla kadonnut laite voidaan tarvittaessa tyhjentää. Käsittelimme webinaarissa mobiilin tietoturva-aukkoja sekä kustannustehokkaita ratkaisuja suojauksen toteuttamiseen. Asiantuntijamme esittelivät ilmaiset sekä maksulliset työvälineet mobiilin turvaksi.
Webinaarissa kerroimme, kuinka organisaatiossa voidaan hoitaa mobiililaitteiden suojaus aukottomasti, kustannustehokkaasti ja keskitetysti.
A laptop left behind in the restaurant car gives the bad guys a free playground and a chance for mischief! When unencrypted devices end up in the wrong hands, the data is ridiculously easy to read and the signs of a data-leak disaster hang heavy in the air.
Besides computers, easy prey for barbaric intruders includes mass storage such as USB sticks dropped on the street and flash drives lounging on the edge of a shelf.
The security assessments Centero has carried out for its customers revealed a worrying, fundamental shortcoming. For mobile workstations, 73% of the assessed organizations had no endpoint storage encryption of any kind in use!
Nowadays device encryption is effortless to implement, and the end user is not burdened with separate password logins. In the webinar held on 1 November 2018 we went through examples of effective encryption of hard drives and mass storage.
How does the FINCSC cyber security certificate help with GDPR? Teemu Tiainen
The EU General Data Protection Regulation, which entered into force in spring 2016, will begin to be applied in practice on 25 May 2018.
On 17 May 2018 we held a webinar in which we gave last-minute tips for processing personal data.
The experts in our webinar were Tuukka Laava from JYVSECTEC, the cyber security research, development and training centre, and Centero's Tuukka Tiainen, who presented the top 3 challenges based on the security assessments Centero has carried out for its customers.
In the webinar we covered, among other things:
- What does appropriate protection of personal data processing mean?
- How can the appropriateness of protection methods be assessed?
- How does FINCSC certification help in implementing protective measures?
On 19 October 2016 at 9:30 we held a webinar in which we went through the key areas of technical security and explained which things in each area must, at a minimum, be in order so that you can sleep peacefully at night. The expert guest in the webinar was Ari Auvinen, Partner Technology Strategist at Microsoft, who explained what kinds of technical solutions exist for getting security matters in order.
Building a secure operating culture, taking the EU data protection regulation into... Teemu Tiainen
On Wednesday 23 November 2016 we held a webinar in which we considered how to build a secure operating culture with the EU data protection regulation in mind. This time the topic was somewhat softer than in the earlier parts of the webinar series.
We went through what needs to be taken into account in, among other things, leadership, company culture and staff competence.
Our expert guest in the webinar was Olli Pitkänen of Relator Oy. Olli works as a consultant in organizations' information security development projects and is responsible for Relator's expert services.
On Wednesday 14 December at 9:30 we held a webinar in which, together with Juuso Enjala, Business Development Manager at Canon Oy, we looked into practices for printing and storing physical documents.
Printing and the storage of physical documents is a surprisingly large security risk in small and large companies alike. A quick glance into an expert's briefcase, the waste bin next to the printer and the papers lying around on desks often reveals the situation in stark terms.
Naturally, the EU data protection regulation (GDPR) also affects physically stored documents and their security.
Have you ever thought that taking security into account in printing could, surprisingly, save money? Watch the recording to see what this means.
In the webinar we covered, among other things, the following:
What is printed, or allowed to be printed, in our organization?
How do we make sure printouts end up with the right person?
Best practices for the security of physical documents?
The security of printouts and physical documents in light of the data protection regulation?
How can you prepare for the EU data protection regulation by using a data balance sheet... Teemu Tiainen
On Wednesday 19 April at 9:30 we held a webinar in which, together with Miko Eklöf and Heimo Hänninen of Sparta Consulting Oy, we looked into the data balance sheet as a tool for preparing for the EU data protection regulation.
Personal data must be under control so that it can be protected and its proper processing can be ensured.
A data balance sheet for personal data is a good tool for taking control of personal data, and it also helps in fulfilling the accountability obligation. When preparing for the EU data protection regulation, the data balance sheet is an excellent tool.
In the webinar we covered, among other things, the following:
What does a data balance sheet mean?
What benefits does it offer?
How is a data balance sheet made?
A data balance sheet is about combining and describing the parts of the organization and people's expertise in a way everyone can make use of.
In addition to the data protection regulation, this provides an excellent platform for making operations more efficient.
The effects of the EU's new data protection regulation on companies (webinar) Teemu Tiainen
The European Union is preparing a new data protection regulation that is considerably stricter than earlier regulation. The new rules affect a large share of Finnish companies and other organizations. Substantial sanctions are planned for non-compliance, so it is no wonder the topic is being talked about.
Because there are plenty of rumours and less up-to-date information about the topic, we looked into it. Together with our partner Trend Micro we digested the results into plain language and presented them in a free webinar on 21 September 2016 at 9:30–10:30.
WHAT ON EARTH IS THE DATA PROTECTION REGULATION?
What do you need to know about GDPR (General Data Protection Regulation)?
In the webinar we cover:
• What kind of data and what kinds of companies does the data protection regulation apply to?
• Where does the preparatory work currently stand and what does the timetable look like?
• How must each kind of data be protected?
• What sanctions can a company face if protection fails?
• How and when should a company start preparing for the new regulation?
• What are the most important measures to take care of with the regulation in mind?
Webinar hosts:
The expert guest of the webinar is Kimmo Vesajoki, Trend Micro's country manager (Finland and the Baltics). The host is Teemu Tiainen, who is responsible for customer relationships at Centero.
How is the user experience virtualized with Microsoft UE-V? Teemu Tiainen
On Thursday 21 January at 9:30 we will hold a webinar on a topic that may be unfamiliar to many: User Experience Virtualization. The product behind the technology is Microsoft UE-V.
User experience virtualization can be used, for example, to make administration more efficient and to make users' lives easier. Come and hear how it is done! You need no prior experience of the topic.
In this efficient 45-minute webinar, Aku Suonpää of Centero Oy explains what it is all about. The webinar also demonstrates the capabilities of the UE-V product in practice and goes through various scenarios in which user experience virtualization delivers clear benefits.
Aku has a decade of experience in application virtualization and has worked as an expert in the application virtualization projects of both Finland's largest universities and globally operating listed companies.
We have reserved enough time after the webinar for questions and other follow-up discussion.
Agenda:
• What is user experience virtualization?
• Demo (Microsoft UE-V)
• What kinds of environments and situations is user experience virtualization suited to?
Application virtualization: what, where, when 2015 Teemu Tiainen
The material is from the webinar by Centero's Aku Suonpää on 17 December 2015.
• What is a virtual application like and what does it try to be?
o How does a virtual application work?
o Effects on the user experience
o When is it worthwhile and when is it not?
• Distributing virtual applications
o Differences compared with distributing traditionally installed applications
• Virtualizing applications
o Differences from MSI packaging
o When is it easy and when is it hard?
Zero Trust And Best Practices for Securing Endpoint Apps on May 24th 2021
1. 1
Zero Trust And Best Practices for Securing Endpoint Apps
Webinar starting soon…
Speakers:
Sami Laiho (Adminize) and Juha Haapsaari (Centero)
💬 Present questions in the chat.
5. 5
Sami’s Agenda
• How to ease your workload with allow-listing.
• Is allow-listing difficult?
• Implementing AppLocker to trim down your application portfolio.
• Restricting admin rights to control your IT environment.
• Managing and updating applications after allow-listing operations.
6. 6
Sami Laiho
Senior Technical Fellow
adminize.com / Sulava
• IT Admin since 1996
• MCT since 2001
• MVP in Windows OS since 2011
• ”100 Most Influential people in IT in Finland” – TiVi’2019, 2020
• Specializes in and trains:
  • Troubleshooting
  • Windows Internals
  • Security, Social Engineering, Auditing
  • Centralized Management, Active Directory
• Trophies:
  • Ignite 2018 – Session #1 and #2 (out of 1708) !
  • Best Speaker at NIC, Oslo 2016, 2017, 2019 and 2020
  • Best External Speaker at Ignite 2017
  • TechDays Sweden 2016, 2018 – Best Speaker
  • Best Session at AppManagEvent 2017, 2018, Utrecht
  • Best Sessions (#1 and #2) at TechTalks 2017, Helsinki
  • TechEd Europe and North America 2014 - Best session, Best speaker
  • TechEd Australia 2013 - Best session, Best speaker
  • TechEd Europe 2013 - Best Session by an external speaker
11. 11
”An ounce of prevention is worth a pound of cure”
Benjamin Franklin
12. 12
Why Zero Trust?
• Empower your users to work more securely anywhere and anytime, on any device
• Enable digital transformation with intelligent security for today’s complex environment
• Close security gaps and minimize risk of lateral movement
15. 15
My Take on Secure Environment
• Up to date hardware and software inventory
• BitLocker
• Principle of Least Privilege
• Allow listing
• Tier Model for AD
• Using PAW-model
• Authenticating/Encrypting all network traffic
• MFA, strong authentication
• Monitoring (SIEM & SOC)
26. 26
Allow-Listing options
• Windows NT4
  • User Policy driven whitelist for exe names
• Windows XP/2003
  • Software Restriction Policy
• Windows 7 Enterprise+ / Server 2008 r2+
  • AppLocker
• Windows 10 Enterprise+ / Server 2016+
  • Hypervisor-based Code Integrity (HVCI)
• Third Party…
27. 27
Common things about Allow-listing
• Allow-listing is the most effective way to increase a company’s security!
• Effective Allow-listing works only when combined with the Principle of Least Privilege
• Windows Defender Application Control works for admins as well… if it works…
• No built-in reporting in native options
• Allow-listing is a security barrier – Deny-listing is not!
• For servers things are a little different (RDS vs others)
29. 29
SRPv1 – Software Restriction Policy
• Allow-list or Deny-list
• One ruleset
• Executables
• Dlls
• Scripts
• Windows Installers
• Extensible list of filetypes
• Targeted at the computer level
• Can rule out admins
• SRP supports four types of rules:
  • Hash
  • Path
  • Signature
  • Internet zone
• No support for Universal Apps
• No Audit mode
• No rule exceptions
• No import/export
32. 32
AppLocker
• Blacklisting and Whitelisting
• Can target computers, users or groups
• All software needs to be preapproved in some way
• Location, hash or signature based
• Is based on a native function of the Windows OS since Windows 7
• Requires Enterprise version of Windows (unless you have Intune)
• Requires the AppIDSvc-service and uses a Kernel Mode driver for enforcement
34. 34
File/Folder Rules
• You can allow a Folder as c:\folder\*
• You can allow a certain file like c:\folder\file.exe
• You can also use wildcard * like c:\users\*\appdata\local\Software1\*
• AppLocker doesn’t support Windows variables
• Sysvol or NETLOGON require all DC’s to be added separately
  • \\dc1\SYSVOL\*
  • \\dc2\SYSVOL\*
  • \\dc3\SYSVOL\*
• UNC-paths might need to be added in three different formats
  • \\Server1\Share\*
  • \\server1.domain.local\Share\*
  • \\172.16.0.21\Share\*
  • R:\*
35. 35
Publisher-rules
• Best option after Path-rules
• Try to stick to Company-level instead of certain filenames or versions
• *-rule says that any file signed by a trusted signer is OK to run
• Trust your own certificate or buy an externally trusted certificate
36. 36
Hash-rules
• Don’t use unless you can’t use Path-rules or Publisher-rules
• Usable exception if the binary doesn’t change often
37. 37
AppLocker HOW TO
• Keep to containers not items – Folders vs Files, Publishers vs Hashes
• Remember to audit your installation with AccessChk!
• Remember NO ADMIN RIGHTS!!
40. 40
Signing
• 95% of Malware is not signed – just something to think about
• You can sign apps yourself
• Use Timestamp if possible!
• If you have the cert on your computer installed:
  • Signtool sign /v /s MY /n MyPrivateCert /t http://timestamp.verisign.com/scripts/timstamp.dll FileToSign.exe
• If not:
  • Guide: https://blogs.msdn.microsoft.com/winsdk/2009/11/13/steps-to-sign-a-file-using-signtool-exe/
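An added example, not from the slides: a PowerShell triage of an application folder that follows the rule preference given above (Publisher rules where a valid signature exists, with a check for the timestamp the Signing slide asks for, Hash only as a fallback). The function name and the `C:\Program Files\ExampleApp` folder are hypothetical, and the AppLocker cmdlets assume a Windows edition that ships the AppLocker module.

```powershell
# Added example: classify binaries by Authenticode state to choose an AppLocker rule type.
function Get-SigningTriage {
    param([Parameter(Mandatory)][string]$Folder)

    Get-ChildItem -LiteralPath $Folder -Recurse -File -ErrorAction SilentlyContinue |
        Where-Object { $_.Extension -in '.exe', '.dll', '.msi' } |
        ForEach-Object {
            $file = $_
            $sig  = Get-AuthenticodeSignature -LiteralPath $file.FullName

            # Without a countersigned timestamp the signature stops validating
            # once the signing certificate expires.
            $timestamped = $null -ne $sig.TimeStamperCertificate
            $signer = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject }

            $suggestion = switch ([string]$sig.Status) {
                'Valid' {
                    if ($timestamped) { 'Publisher rule' }
                    else { 'Publisher rule; re-sign with a timestamp' }
                }
                'NotSigned' { 'Sign it yourself, or use a Path rule (Hash as last resort)' }
                default     { 'Investigate before allowing' }   # HashMismatch, NotTrusted, ...
            }

            [pscustomobject]@{
                File        = $file.FullName
                Status      = $sig.Status
                Signer      = $signer
                Timestamped = $timestamped
                Suggestion  = $suggestion
            }
        }
}

$app = 'C:\Program Files\ExampleApp'   # hypothetical application folder
if (Test-Path -LiteralPath $app -PathType Container) {
    Get-SigningTriage -Folder $app | Format-Table -AutoSize

    # Draft policy for the same folder: Publisher rules first, Hash where no signature exists.
    Get-AppLockerFileInformation -Directory $app -Recurse -FileType Exe, Dll |
        New-AppLockerPolicy -RuleType Publisher, Hash -User Everyone -Optimize -Xml |
        Out-File -FilePath .\ExampleApp-draft.xml
}
```

Review the draft XML before importing it; generated Publisher rules can be widened to the company level by hand, as the Publisher-rules slide recommends.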
49. 49
Hardening Whitelisting
Make sure your containers don’t leak (this is one batch file) – CHECK THE LATEST FROM GITHUB!
https://gist.github.com/api0cradle/95cd51fa1aa735d9331186f934df4df9#file-accesschk-bat
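An added example, not the linked batch file and not from the slides: a PowerShell approximation of the "containers don't leak" audit, listing directories under allow-listed roots whose ACL lets a standard user create files. It reads ACL entries only and does not compute effective access the way AccessChk does; the function name is hypothetical, and the roots assume a policy that allows `%WINDIR%\*` and `%PROGRAMFILES%\*` for Everyone, as the default AppLocker rules do.

```powershell
# Added example: find user-writable directories inside folders allowed by path rules.
# Well-known SIDs present in every standard user's token (locale-independent).
$LowPrivSids = @(
    'S-1-1-0',       # Everyone
    'S-1-5-11',      # Authenticated Users
    'S-1-5-32-545',  # BUILTIN\Users
    'S-1-5-4'        # INTERACTIVE
)

# Access-mask bits that allow creating content in a directory:
# 0x2 CreateFiles/WriteData, 0x4 CreateDirectories/AppendData,
# 0x40000000 GENERIC_WRITE, 0x10000000 GENERIC_ALL.
$WriteMask = 0x2 -bor 0x4 -bor 0x40000000 -bor 0x10000000

function Get-UserWritableDirectory {
    param([Parameter(Mandatory)][string[]]$Root)

    foreach ($r in $Root) {
        if (-not (Test-Path -LiteralPath $r -PathType Container)) { continue }

        # The root itself plus every directory below it.
        $dirs = @(Get-Item -LiteralPath $r -Force) +
                @(Get-ChildItem -LiteralPath $r -Directory -Recurse -Force -ErrorAction SilentlyContinue)

        foreach ($d in $dirs) {
            try   { $acl = Get-Acl -LiteralPath $d.FullName -ErrorAction Stop }
            catch { continue }   # ACL not readable from this account: skip

            # Request SIDs so no account-name lookup is needed.
            $aces = $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier])
            foreach ($ace in $aces) {
                if ($ace.AccessControlType -ne 'Allow') { continue }
                # Inherit-only entries apply to children, not to this directory.
                if ($ace.PropagationFlags.HasFlag(
                        [System.Security.AccessControl.PropagationFlags]::InheritOnly)) { continue }
                if ($LowPrivSids -notcontains $ace.IdentityReference.Value) { continue }
                if (([int]$ace.FileSystemRights -band $WriteMask) -eq 0) { continue }

                [pscustomobject]@{
                    Path   = $d.FullName
                    Sid    = $ace.IdentityReference.Value
                    Rights = $ace.FileSystemRights
                }
            }
        }
    }
}

# Roots covered by the assumed path rules; adjust to the folders your own policy allows.
$roots = @($env:windir, $env:ProgramFiles, ${env:ProgramFiles(x86)}) | Where-Object { $_ }
Get-UserWritableDirectory -Root $roots | Sort-Object Path, Sid | Format-Table -AutoSize
```

Each directory it reports is a candidate for an exception on the matching path rule or for an ACL fix; confirm the findings with AccessChk, as the AppLocker HOW TO slide advises.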
51. 51
Tools to help
• Oddvar Moe’s
  • Ultimate AppLocker ByPass List
    • https://github.com/api0cradle/UltimateAppLockerByPassList
  • PowerAL
    • https://github.com/api0cradle/PowerAL
• AaronLocker
  • https://blogs.msdn.microsoft.com/aaron_margosis/2019/01/28/aaronlocker-moved-to-github/
• Microsoft’s list of what to block: https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-block-rules
55. 55
Device Guard
• Single purpose machines
• Currently for example Office is super difficult
• No user exceptions
• VERY HARDCORE!!
• Especially with Hypervisor level enforcement
• Drivers need to support it
• Some really don’t…
• IO-MMU to make it bulletproof
59. 59
Allow-Listing can stabilize what you have…
But now that you have a strict list of what you allow you still need to keep those up to date!
60. 60
User friendly application deployment
• Installed apps are always up to date without distracting users
• Initial app deployment
  • Forced by admins
  • Available for users
• Available apps are allow-listed by organization policies
61. 61
Why endpoint applications should be managed?
End-users
• New features and bug fixes to applications
• Don’t need to worry about installations, updating etc.
• Always up-to-date tools
IT department
• Standardized and managed endpoint environment is easier to maintain.
• It also produces less support requests to contact center
• License management is simpler
Organization
• Saves end users’ and IT department’s time
• Improves cybersecurity a lot
63. 63
What annoys end users on app updates?
• 40 %: Confusion
• 40 %: Lost time
• 20 %: Wrong time
• 20 %: Too much
64. 64
Keeping applications up to date ”manually”
• Monitoring software versions and vulnerabilities
Repeats every working day.
• Downloading an installation package
• Packaging
• Testing
• Upload to a management system
• Configuring a deployment
Repeats for every new application version.
65. 65
User friendly application deployment
• Installed apps are always up to date without distracting user
  • Centero Software Manager
• Initial app deployment
  • Forced by admins
    • Silently on background
  • Available for users
    • Self-service (Company Portal, Software Center etc.)
• Available apps are allow-listed by organization policies
  • AppLocker
66. 66
CSM is built to automatize your application management