Securing Windows with Group Policy

Presented at CircleCityCon 8.0 (2021) Virtual, Unknown date/time (Unknown duration).

Group Policy exists in almost every modern business environment. Many organizations do not use Group Policy extensively, effectively or at all. We all face problems with securing our Windows environments, but most do not realize they already have the best tool for the job.

Do you understand how Group Policy is processed? Did you know you can manage both Active Directory groups and user rights? What about securely running Scheduled Tasks and do you even manage Services, bro? Why do all your Administrative accounts have extra permissions like Debug Programs? And why the hell are you afraid of AppLocker?

Remember, Group Policy is an ENTERPRISE scale Windows registry editor and more.


Presenters:

  • Josh Rickard - Security Research Engineer at Swimlane
    Josh is focused on automating everyday processes used in business and security. He is an expert in PowerShell & Python, a GIAC Certified Windows Security Administrator (GCWN), a GIAC Certified Forensic Analyst (GCFA), and has a diverse background ranging from system administration to digital forensics, incident response and managing teams and products. Josh has presented at multiple conferences including DerbyCon (2x), ShowMeCon (2x), BlackHat Arsenal, CircleCityCon, Hacker Halted, and numerous BSides. In 2019, Josh was awarded a SC Media Reboot Leadership Award in the Influencer category and is featured in the Tribe of Hackers: Blue Team book. Josh shares his experience about automation, code, and security on Swimlane’s (https://swimlane.com/blog) and his personal blog (https://letsautomate.it). You can find information about open-source projects that Josh creates and maintains on GitHub at https://github.com/MSAdministrator.

Similar Presentations: