Security Day 2019 se blíží
29. 07. 2019|
29. 07. 2019|
Využijte poslední příležitosti zúčastnit se exkluzivního semináře pod vedením mezinárodně uznávané bezpečnostní expertky Pauly Januszkiewicz. Na semináři Ultimate Hacking and Forensics Experience for IT Pros zbývá pouhých 10 volných míst!
Are there any attacks that are effective, reliable and almost always work? Of course! Even though an organization manages well the infrastructure, patches are regularly installed, network is monitored – there are attacks that are still working perfectly as it is really a matter of misconfiguration rather than serious security vulnerability.
Could cloud technologies help it? Are Office 365, Azure secure? How to measure it? Is it worth to move some of the services to the cloud and mitigate the risk of breach? The problem is that some infrastructure mechanisms relay on type of communication used within the attacks and they use it for the normal communication: single sign-on authentication, service accounts, network sharing etc. and in vast majority of organizations that can be leveraged!
Join Paula during this seminar to become familiar what are the biggest mistakes in infrastructure security that from the attacker perspective can be pretty much always exploited and leave the conference with suggestions & ideas how to reach the next level of security in your workspaces.
administrators, infrastructure architects, security professionals, systems engineers, network administrators, IT professionals, security consultants and other people responsible for implementing network and perimeter security.
Authors' unique tools, presentation slides with notes, workshop instructions.
At the end participants will receive the online Certificate of attendance signed by the Paula Januszkiewicz.
Module 1: Defining the Role of Security Solutions in the Infrastructure
This module highlights the role od security in digital transformation initiatives and allows for better understanding of the impact that mobility and cloud have on the organization.
1. Security in hybrid environments
2. Zero trust networks as a new network security paradigm
3. Security management automation
4. Windows Subsystem for Linux
5. Exploit Guard
6. Aspects of security monitoring and incident response
Module 2: The meaning of the Kill-Chain
In Module 2, you will learn techniques used by modern malware. For ransomware and other types of malware observed in the wild, the whole kill chain has changed over years to reach its current form. And your defense should change too.
1. Application Whitelisting (AppLocker, Device Guard)
2. Whitelisting implementation best practices
3. Code signing techniques
4. Hardware supported protection techniques
5. Cloud-based protection against malware
6. Implementing account scoping
7. Good practices for implementing Local Admin Password Solution
8. Cloud based monitoring
Module 3: Identity as a perimeter. Attacks and defense.
This module involves various attacks on identity, mitigations and risk assesment factors.
1. Decrypting passwords from storage locations
2. Credential Guard (Virtual Secude Mode)
3. Multi-factor Authentication
4. Stealing passwords and tokens from OS memory
5. Meaning of SYSTEM and SECURITY registry hives
6. Extracting hashes from SAM and NTDS.dit databases
7. Kerberos and NTLMv2 issues
8. Performing the Pass-The-Hash attack
9. Cached logons (credentials) security
10. Data Protection API (DPAPI) as a foundation for Windows cryptography
Module 4: Implementing threat prevention and detection through a comprehensive platform in the Hybrid environments
In this module you will become familiar with important aspects of cloud security including easy to use solustion, integration with the current environment and monitoring tools.
1. Information Protection issues
2. Classification and protection of data
3. Azure Information Protection
4. Microsoft Operations Management Suite
5. Active Directory and Azure AD Security
6. Azure AD Privileged Identity Management
7. Multi Factor Authentication with Azure
8. Cloud Access Security Broker (CASB)
9. Windows Defender Advanced Threat Protection
10. Advanced Threat Analytics
11. Azure Advanced Threat Protection
12. Office Advanced Threat Protection
13. Protecting against virtualization platform issues - Shielded VMs
14. Storage Encryption
15. Azure Key Vault
16. Just Enough Adminstration
17. Desired State Configuration
18. ESAE: Red Forest
19. Privileged Access Management
Module 5: Securing Monitoring Operations and Forensics
Starting from analysis of available monitoring solutions, ending up with designing the secure monitoring process.
1. Industry Best Practices
2. Critical Security Controls
3. Host, Port and Service Discovery
4. Vulnerability Scanning
5. Monitoring Patching, Applications, Service Logs
6. Detecting Malware via DNS logs
7. Monitoring Change to Devices and Appliances
8. Leveraging Proxy and Firewall Data
9. Configuring Centralized Windows Event
10. Log Collection
11. Monitoring Critical Windows Events
12. Detecting Malware via Windows Event Logs
13. Scripting and Automation
14. Importance of Automation
15. Role of Forensics Analysis in Incident Response
16. Forensic Readiness and Business Continuity
17. Computer Forensics Process
18. Collecting Electronic Evidence
19. Challenging Aspects of Digital Evidence
Module 6: Windows and Cloud Security Summary
Module covers discussion about solutions and implementations with top priorities. In this module we will focus especially on Hybrid environment and its security. Also, on how to combine different solutions on premise and cloud to get the most fucntionality and flexibility together with high security.
Aby vaše soukromá data zůstala soukromá a vaše důvěrná komunikace důvěrnou, není v dnešní době natolik složité zajistit. Jde především o důslednost a pochopení základních IT bezpečnostních principů. I přesto se většina běžných uživatelů na bezpečnost svých dat a v konečném důsledku i bezpečnost svou dívají jako na něco, co se jim stát nemůže, protože "koho by jejich data asi tak mohla zajímat". Zjistit více »
Školení EC-Council Certified Security Analyst se dočkalo zajímavého rozšíření. Spolu s Williameme Ischanoe vede tento kurz také Roman Kümmel. V rámci jednoho kurzu tak získáte dvojnásobný počet informací a příležitost načerpat mnohaleté informace od obou lektorů. Zjistiti více »
Využijte slevy až 27% na kurzy konané v pražské a brněnské pobočce Počítačové školy GOPAS! Po dobu července a srpna můžete využít slevy 12 - 27% na standardní otevřené kurzy, které se uskuteční v období od 1. 7. do 31. 8. 2019. Zjistit více »