beveilig je data met windows 10
TRANSCRIPT
![Page 1: Beveilig je data met windows 10](https://reader031.vdocuments.us/reader031/viewer/2022030304/5877097a1a28ab890e8b6185/html5/thumbnails/1.jpg)
Time to Inspire
Beveilig data met Windows 10
Danny de Vries
![Page 2: Beveilig je data met windows 10](https://reader031.vdocuments.us/reader031/viewer/2022030304/5877097a1a28ab890e8b6185/html5/thumbnails/2.jpg)
“Cyber security is a CEO issue.”-McKinsey
![Page 3: Beveilig je data met windows 10](https://reader031.vdocuments.us/reader031/viewer/2022030304/5877097a1a28ab890e8b6185/html5/thumbnails/3.jpg)
Malicious Attachment Execution
Browser or Doc Exploit Execution
Stolen Credential Use
Internet Service Compromise
Kernel-mode Malware
Kernel Exploits
Pass-the-Hash
Malicious Attachment Delivery
Browser or Doc Exploit Delivery
Phishing Attacks
ESPIONAGE, LOSS OF IPDATA THEFT RANSOMLOST PRODUCTIVITYBUSINESS DISRUPTION
ENTER
ESTABLISH
EXPAND
ENDGAME
NETWORK
DEVICE
USER
Anatomy of an attack
![Page 4: Beveilig je data met windows 10](https://reader031.vdocuments.us/reader031/viewer/2022030304/5877097a1a28ab890e8b6185/html5/thumbnails/4.jpg)
PASS-THE-HASH
Browser or Doc Exploit Execution
Theft of sensitive information, disruption of government.
PHISHING
NETWORK
DEVICE
USER
ENDGAME
Anatomy of an attack
![Page 5: Beveilig je data met windows 10](https://reader031.vdocuments.us/reader031/viewer/2022030304/5877097a1a28ab890e8b6185/html5/thumbnails/5.jpg)
PASS-THE-HASH
Browser or Doc Exploit Execution
Theft of sensitive information, disruption of government.
PHISHING
NETWORK
DEVICE
USER
ENDGAME
Anatomy of an attack
http://natoint.com/900117-spain-forces-conclude-mission-in-central-african-republic/
![Page 6: Beveilig je data met windows 10](https://reader031.vdocuments.us/reader031/viewer/2022030304/5877097a1a28ab890e8b6185/html5/thumbnails/6.jpg)
Browser or Doc Exploit Execution
PHISHING
ENDGAME
PASS-THE-HASH
Browser or Doc Exploit Execution
Theft of sensitive information, disruption of government.
PHISHING
NETWORK
DEVICE
USER
ENDGAME
Anatomy of an attack
PASS-THE-HASH NETWORK
DEVICE
USER
Land on exploit page
Exploit runs
Redirected to legitimate page
Total Elapsed Time: 00:00.1
![Page 7: Beveilig je data met windows 10](https://reader031.vdocuments.us/reader031/viewer/2022030304/5877097a1a28ab890e8b6185/html5/thumbnails/7.jpg)
The Windows 10 Defense Stack
![Page 8: Beveilig je data met windows 10](https://reader031.vdocuments.us/reader031/viewer/2022030304/5877097a1a28ab890e8b6185/html5/thumbnails/8.jpg)
Protect, Detect & Respond
![Page 9: Beveilig je data met windows 10](https://reader031.vdocuments.us/reader031/viewer/2022030304/5877097a1a28ab890e8b6185/html5/thumbnails/9.jpg)
Windows as a Service
Threat protection over time
Attackers take advantage
of periods between
releases
P R O D U C T R E L E A S E
CA
PA
BIL
IT
Y
![Page 10: Beveilig je data met windows 10](https://reader031.vdocuments.us/reader031/viewer/2022030304/5877097a1a28ab890e8b6185/html5/thumbnails/10.jpg)
Windows as a Service
P R O D U C T R E L E A S E
T H R E A T S O P H I S T I C A T I O N
CA
PA
BIL
IT
Y
Game change with Windows and Software as a Services
Disrupt and out
innovate our
adversaries by
design
Protection Gap
![Page 11: Beveilig je data met windows 10](https://reader031.vdocuments.us/reader031/viewer/2022030304/5877097a1a28ab890e8b6185/html5/thumbnails/11.jpg)
Windows 7 Security features
![Page 12: Beveilig je data met windows 10](https://reader031.vdocuments.us/reader031/viewer/2022030304/5877097a1a28ab890e8b6185/html5/thumbnails/12.jpg)
Windows 10 Security on Legacy or Modern Devices (Upgraded from Windows 7 or 32-bit Windows 8)
![Page 13: Beveilig je data met windows 10](https://reader031.vdocuments.us/reader031/viewer/2022030304/5877097a1a28ab890e8b6185/html5/thumbnails/13.jpg)
Windows 10 Security on Modern Devices (Fresh Install or upgraded from 64-bit Windows 8)
![Page 14: Beveilig je data met windows 10](https://reader031.vdocuments.us/reader031/viewer/2022030304/5877097a1a28ab890e8b6185/html5/thumbnails/14.jpg)
Virtualization BasedSecurity
![Page 15: Beveilig je data met windows 10](https://reader031.vdocuments.us/reader031/viewer/2022030304/5877097a1a28ab890e8b6185/html5/thumbnails/15.jpg)
Traditional Platform Stack
Device Hardware
Kernel
Windows Platform Services
Apps
![Page 16: Beveilig je data met windows 10](https://reader031.vdocuments.us/reader031/viewer/2022030304/5877097a1a28ab890e8b6185/html5/thumbnails/16.jpg)
Virtualization Based Security
Kernel
Windows Platform Services
Apps
Kernel
System Container
Tru
stle
t#
1
Tru
stle
t#
2
Tru
stle
t#
3
Hypervisor
Device Hardware
Windows Operating System
Hyper-VHyper-V
![Page 17: Beveilig je data met windows 10](https://reader031.vdocuments.us/reader031/viewer/2022030304/5877097a1a28ab890e8b6185/html5/thumbnails/17.jpg)
The Future
![Page 18: Beveilig je data met windows 10](https://reader031.vdocuments.us/reader031/viewer/2022030304/5877097a1a28ab890e8b6185/html5/thumbnails/18.jpg)
Credential Guard
![Page 19: Beveilig je data met windows 10](https://reader031.vdocuments.us/reader031/viewer/2022030304/5877097a1a28ab890e8b6185/html5/thumbnails/19.jpg)
Access to one device can lead to access to many
1. Single IT Pro’s machine is
compromised
IT Pro manages kiosks/shared devices on
network
Attacker steals IT Pro’s access token
2. Using IT Pros access
token attacker looks for kiosk/shared devices and
mines them for tokens
3. Repeat
![Page 20: Beveilig je data met windows 10](https://reader031.vdocuments.us/reader031/viewer/2022030304/5877097a1a28ab890e8b6185/html5/thumbnails/20.jpg)
Credential Guard
Pass the Hash (PtH) attacks are
the #1 go-to tool for hackers.
Used in nearly every major
breach and APT type of attack
Credential Guard uses VBS to
isolate Windows authentication
from Windows operating system
Protects LSA Service (LSASS) and
derived credentials (NTLM Hash)
Fundamentally breaks derived
credential theft using MimiKatz,
![Page 21: Beveilig je data met windows 10](https://reader031.vdocuments.us/reader031/viewer/2022030304/5877097a1a28ab890e8b6185/html5/thumbnails/21.jpg)
Demo:
Credential Guard
![Page 22: Beveilig je data met windows 10](https://reader031.vdocuments.us/reader031/viewer/2022030304/5877097a1a28ab890e8b6185/html5/thumbnails/22.jpg)
Introducing
Windows Defender Application Guard
![Page 23: Beveilig je data met windows 10](https://reader031.vdocuments.us/reader031/viewer/2022030304/5877097a1a28ab890e8b6185/html5/thumbnails/23.jpg)
Application Guard for Microsoft Edge
![Page 24: Beveilig je data met windows 10](https://reader031.vdocuments.us/reader031/viewer/2022030304/5877097a1a28ab890e8b6185/html5/thumbnails/24.jpg)
Application Guard for Microsoft Edge
![Page 25: Beveilig je data met windows 10](https://reader031.vdocuments.us/reader031/viewer/2022030304/5877097a1a28ab890e8b6185/html5/thumbnails/25.jpg)
Information Protection
![Page 26: Beveilig je data met windows 10](https://reader031.vdocuments.us/reader031/viewer/2022030304/5877097a1a28ab890e8b6185/html5/thumbnails/26.jpg)
Information Protection Needs
![Page 27: Beveilig je data met windows 10](https://reader031.vdocuments.us/reader031/viewer/2022030304/5877097a1a28ab890e8b6185/html5/thumbnails/27.jpg)
Information Protection Needs
![Page 28: Beveilig je data met windows 10](https://reader031.vdocuments.us/reader031/viewer/2022030304/5877097a1a28ab890e8b6185/html5/thumbnails/28.jpg)
Market Solutions for Data Loss Prevention
![Page 29: Beveilig je data met windows 10](https://reader031.vdocuments.us/reader031/viewer/2022030304/5877097a1a28ab890e8b6185/html5/thumbnails/29.jpg)
Windows InformationProtection Lifecycle
![Page 30: Beveilig je data met windows 10](https://reader031.vdocuments.us/reader031/viewer/2022030304/5877097a1a28ab890e8b6185/html5/thumbnails/30.jpg)
Demo:
Windows Information Protection
![Page 31: Beveilig je data met windows 10](https://reader031.vdocuments.us/reader031/viewer/2022030304/5877097a1a28ab890e8b6185/html5/thumbnails/31.jpg)
Did I inspire you?
Follow me on Twitter:@EBOOZ