Resumen

There are over 100 endpoint security products that claim to stop malware and other attacks against Windows. Nearly every major security incident or breach that has made media headlines had two things in common: Windows; and one of these 100 products. This workshop won't spend any time bashing vendors, however. In fact, many of these products can be valuable assets when part of a more comprehensive endpoint protection strategy.

This workshop is divided into two sections: Lecture and Hands-on labs.

Lecture: May 21 - 25

Total Lecture time: 4 hours

The lectures will be pre-recorded and will be made available starting May 21. You will be able to view the recordings as many times as you want to.

Adrian will address the anatomy of malware and why it succeeds so often. He will dive down into practical defensive strategies, including passive prevention, detection, response, and remediation.

  • Passive prevention is effectively free and ideal
  • Prevention will always fail a percentage of the time, so detection is essential
  • Response, if practiced and efficient, has a chance of stopping attacks before they reach their goal
  • Remediation, because someone has to clean up this mess...
  • Every successful security strategy includes planning to handle failure quickly and effectively.

    We highly recommend you watch the lecture part prior to the live, hands-on section, scheduled for May 26

    Hands-on Labs: May 26 from 9am to 1pm EST

    Total Lab time: 4 hours

    Adrian will review the native defensive capabilities in Windows and the pros/cons associated with using them. The latest defenses built into Windows 10 will be explored in a guided tour as attendees follow along.

    Adrian will guide brave and trusting attendees through running both real and simulated malware on the virtual Windows systems provided for this workshop. We will do this, first, to get a feel for the destructive impact of modern malware and ransomware. Second, we will use an unprotected system as the baseline for testing our newfound defensive skills. We will reset and harden our virtual class systems to learn firsthand how active and passive defenses built into Windows 10 can be used to defeat many types of attacks and malware.

    Requirements:

  • A connection to the Internet
  • An Amazon Workspaces Client - see requirements here: https://clients.amazonworkspaces.com
  • Amazon WorkSpaces Client Download https://clients.amazonworkspaces.com

  • Instructor: Adrian Sanabria - @sawaba - Director of Research at Savage Security

    Adrian is the Research Director and Co-Founder of Savage Security. He spent a decade building security programs and defending large financial firms. He also spent four years as a consultant, performing penetration tests, PCI audits and other security-related assessments. Adrian learned the business side of the industry as a research analyst for 451 Research, working closely with vendors and investors. He is an outspoken researcher and doesn't shy away from the truth or being proven wrong. Adrian loves to write about the industry, tell stories and still sees the glass as half full.