BlackBelt – Moving from Reactive to Proactive Security

BlackBelt – Moving from Reactive to Proactive Security

ATTENTION! This course is taught in english!

Gartner has said that one of the most needed changes in enterprise security is to move to a least privilege approach, whitelisting of applications and overall proactive security. Microsoft said in November 2015 that 85% of all security threats would have been mitigated by moving to proactive security. In year 2015 all major antimalware companies reported more than 250000 new malware samples EVERY day! Do you really need more convincing that you need to do it as well than these facts.

Level: 300

Target audience: This training is meant for all administrators and security professionals who want to make sure their environments are ready for the new security era where traditional security measures like anti-malware are not effective anymore.

Prerequisites Basic experience with Windows Administration, Basic understanding of Active Directory, Basic understanding of networking infrastructure.

Coursegoals: Join this four day workshop by Sami Laiho, one of the world’s leading Windows Security experts and get this thing sorted out and make sure you are prepared for the future. During this hands-on training you will see why proactive security is mandatory and also learn to implement it in practice. In this workshop you can choose to work with Windows 7, 8.1 or 10 to make sure you can really implement it when you head back home.

Material: Labmanual and slides.

Detailed content description (Agenda):

Day 1:

  • Introduction to the current and future state of IT security
  • The showcase of how Windows really gets hacked!
  • Implementing hard disk encryption
  • Cornerstones of Windows Security – How the Security Subsystem really works


Day 2:

  • Implementing the principle of least privilege – getting rid of admin rights!
  • Correct use of different levels of admin accounts in an enterprise
  • Why and How to use UAC effectively
  • Server 2016 Bastion forests and the future of Active Directory security


Day 3:

  • Mitigating Pass-The-Hash attacks
  • Getting rid of lateral movement of admin accounts
  • Correct decisions when choosing secure hardware in the future
  • Moving to Biometrics and Two-Factor Authentication


Day 4:

  • Whitelisting in Windows
  • AppLocker in Windows 7 and 8.1
  • AppLocker and Device Guard in Windows 10