[IGNITE ’18] Dear Hacker: Infrastructure Security Reality Check

It’s easy to imagine every hacker as a fiercely intelligent individual who launches attacks of such baffling sophistication we are powerless to prevent or repel them. In reality, hackers frequently use the same tried and tested pathways to enter a system and with the right knowledge, you can stop them in their tracks.

In today’s intensive Microsoft Ignite Pre-Day Workshop Paula went through the standard tasks performed by hackers and penetration testers when checking for misconfigurations and vulnerabilities.

After that, she shone a light into all those forgotten corners of your OS where buried treasure in the form of those not-so-obvious settings which you can use to defend against attacks is located. To up the power of your defensive game, Paula also gave a rundown of the newest tools available to support you in your everyday checklist of security tasks.

Scroll down to access her precon slides and to find a download link for all the tools she used in this session.

Precon description:

It is all about these ‘little things and details’. For a hacker it is enough to get only one of them exploited, for administrators it is so much harder – they need to know them all. Experience shows that in vast majority of companies, the security guidelines are too generic and they do not cover most of the security aspects of the newest software and operating systems. Of course it requires some very specific knowledge that may be hard to learn when the work focuses more on creating than destroying, but the results will provide a perspective on what other people with bad intentions can see. Sometimes it is really surprising how often the same paths to enter to the system can be used! During this intensive workshop, you will become familiar with the mandatory tasks that are performed by hackers or penetration testers in order to check for misconfigurations and vulnerabilities. You will become familiar with the forgotten regions in the operating system where you will find the not-so-obvious settings that help a lot in the hardening process. You will also become familiar with the newest tools that will support you in your everyday tasks. You will leave with a checklist to reference when reviewing your own infrastructure security.

Download the tools from the precon >> HERE << (password: CQUREAcademy#123!)


Take part in Quiz 3.0!