10+ Up-To-Date Ways to Harden Windows Against Modern Active Directory Attacks with Randy Franklin Smith

STEALTHbits Technologies, Inc © 2018
Identify Threats. Secure Data. Reduce Risk.
STEALTHbits Logo

The bad guys have dreamed up a lot of new ways to attack Active Directory and the larger Windows environment. And methods that in the past were just theoretical are now common place. Randy Franklin Smith has been talking a lot about how to detect these attacks and also how to architect your environment to prevent them – such as with the “red forest” design. In this webinar, Randy is going to show you over 12 different ways to harden Windows using Security Options in Group Policy, registry settings and more to protect against Active Directory attacks. Here is some of what will be covered:

  • LSA Protection
  • WDigest
  • Computer Password Policy Refresh Interval
  • Limit local user account logon restrictions with the S-1-5-113 (Local account) and S-1-5-114 (Local account and member of Administrators group) SIDs
  • Restrict Domain and Enterprise Admins from logging on to less privileged servers and workstations
  • Mark privileged accounts as "sensitive and cannot be delegated"
  • Restrict NTLM by putting privileged accounts in the Protected Users security group
  • Restricted Admin mode for Remote Desktop Connection
  • PowerShell Script Block Logging and ConstrainedLanguage Mode 
  • PAC Validation
Jeff Warren, SVP of Technical Product Management from STEALTHbits is helping Randy put this real training for free session together and Jeff will briefly show how STEALTHbits can help defend your network against modern attacks.

View the Webinar!

LinkedIn
Twitter
YouTube
STEALTHbits Technologies Webinar 10+ Up-To-Date Ways to Harden Windows Against Modern Active Directory Attacks