Preventing an Enterprise Win10 Rollout Being Remotely Controlled and Ransomed

Posted on in Presentations

A case-study for static and dynamic testing of Win10 enterprise rollout images. How this saved an organization from deploying an image that would have resulted in 10,000+ machines being remotely controlled by an adversary for ransom. Hardening reviews, configuration management, app whitelisting effectiveness, encryption recovery, and the ability to detect and defeat sleeper malware are described.

Murray Goldschmidt


Chief Operating Officer, Sense of Security Pty Ltd

Security Strategy & Architecture Hackers & Threats

supply chain governance risk & compliance



Share With Your Community