Protecting Windows Credentials: An Excessive Guide for Security Professionals

Presented at BSidesLV 2017, July 26, 2017, 2 p.m. (55 minutes).

Average users might never be safe from credential-theft on Windows, but security professionals have a significant enough threat model and have the necessary skills to protect themselves beyond clicking on a few UAC prompts. Through some extreme hardening measures, a handful of 3rd party and custom tools, and perhaps a few over-the-top security practices, you will learn to turn a default Windows installation into a highly secure computing environment.

Because Windows is a leaky bucket when it comes to user credentials, it's critical that you understand the Windows security model and mitigations available, but it is also important to use those features to the fullest, way beyond what a regular IT professional might apply. It's vital to know exactly what is happening on your system and be aware of any changes that might affect security. You must maximize the encryption facilities available to you and implement extra measures where appropriate.

Windows is a huge operating system with an attack surface to match. It has a legacy of insecurity but certainly is capable of becoming a solid computing environment.


Presenters:

  • Mark Burnett - Consultant - Mark Burnett
    Mark Burnett is an infosec consultant and author. He has spent most of the last twenty years researching, consulting, writing, and sometimes just ranting about how to secure the software and operating systems we work with every day. Mark has written several books, published numerous magazine and online articles, and produced software developer training courses. Mark has a particular passion for passwords and wrote the book Perfect Passwords which gives advice and tips on dealing with passwords in our daily lives.

Links:

Similar Presentations: