Preventing an Enterprise Win10 Rollout Being Remotely Controlled and Ransomed


Posted on in Presentations

A case-study for static and dynamic testing of Win10 enterprise rollout images. How this saved an organization from deploying an image that would have resulted in 10,000+ machines being remotely controlled by an adversary for ransom. Hardening reviews, configuration management, app whitelisting effectiveness, encryption recovery, and the ability to detect and defeat sleeper malware are described.

Participants
Murray Goldschmidt

Participant

Chief Operating Officer, Sense of Security Pty Ltd

Security Strategy & Architecture Hackers & Threats

supply chain governance risk & compliance


Topic

Subtopic


Share With Your Community