The Defender’s Guide to Budgetless Endpoint Hardening

Presented at Blue Team Con 2022, Aug. 28, 2022, 2 p.m. (50 minutes)

Hardening the endpoint is one of the first and most effective measures implemented by defenders to protect organizations against attackers. The EDR, XDR and antivirus space is full of vendor solutions to detect and prevent malware, but what can a budget conscious blue team do to block malware without spending a dime?

This talk will dive into cost free hardening tools and techniques that can be implemented to better protect endpoints from attack. Hardening techniques like leveraging Windows Firewall to block unwanted outbound network traffic, implementing Windows Attack Surface rules, disabling unneeded endpoint services and more will be discussed throughout the interactive session.

Session participants will leave with zero cost, actionable, and easy to implement endpoint hardening measures that can be implemented in various types of computing environments.

Presenters:

• Matt Coons - Threat Response, PwC
  Matt is a member of PwC’s threat response team and has previously held DFIR roles for organizations in higher education and healthcare. Matt has an undergraduate degree in Digital Forensic Science, and a graduate degree in Information Security Operations. Matt’s professional certifications include the DFCB (Founder), GCFA, GCSA and CCSP.

Similar Presentations:

• BSidesLV 2019 / Linux Hardening - The Easy Way
• DeepSec 2013 „Secrets, Failures, and Visions“ / Applied Crypto Hardening
• HushCon Seattle 2018 / Hacking and Hardening Kubernetes