Defense in Depth: Windows 8.1 Security


1 Defense in Depth: Windows 8.1 Security
Erdal Ozkaya | Most Valuable Professional, KEMP Technologies
Milad Aslaner | Premier Field Engineer, Microsoft

2 Jump Start Agenda
Module 1: Today’s Threat Landscape
Module 2: Key Principles of Security
Module 3: Understanding your enemy!
Module 4: Phases of Hackers
Lunch Break
Module 5: What motivates hackers?
Module 6: Pass the Hash
Module 7: Windows Security Capabilities and Tools

3 Module Insights We will talk about the rapidly changing threat landscape and the importance of strong mitigation capabilities.

4 Erdal Ozkaya @Erdal_Ozkaya KEMP Technologies Charles Sturt University
Microsoft MVP Certified Ethical Hacker

5 2/23/2019 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

6 Demo: Creating a virus with Metasploit
How do you get hacked?

7 Warning! This presentation contains information that you should not use against live targets or networks without permission.

8 Target Audience This course is helpful for anyone interested in security, particularly IT Pros and Security Architects at mid-sized and enterprise organizations.

9 The threat landscape is changing rapidly
The threat landscape is changing rapidly. But this time it’s not just the attackers driving change, it’s your users.

10 Mobility represents the end of perimeter-based security.
2009: Defined environment. 2014: Disappearing perimeter. Mobility represents the end of perimeter-based security. Your perimeter is fading, maybe it’s already gone.

11 BYOD is a top priority and one of the biggest challenges
But it’s not the only one when it comes to security. Talk Track: What is BYOD (Bring Your Own Device)? It is the recent trend of employees bringing personally owned mobile devices to their place of work and using those devices to access privileged company resources. Globally, 88% of executives report employees are using their personal computing technologies for business purposes today.* Globally, 62% of executives say they now have or are planning to have a BYOD program for smartphones and tablets.*

12 The improvements that we’ve made in the Windows platforms have driven our adversaries to new tactics.

13 Attackers have set their sights on identity theft
and they’re breaking into systems as you!

14 ~75% of users use the same password on every site
Attackers steal passwords from small online businesses and use the same password to access more interesting accounts. ~75% of users use the same password on every site (Robert Siciliano, Security Researcher, McAfee). Attackers know this and exploit the weakness.

Talk Track: It turns out that about 75% of users use the exact same password across multiple sites that they do business with, and attackers know exactly how to exploit this weakness. If an attacker wants access to your bank account, they’re not going to bother trying to brute force their way through your bank’s defenses using random password guesses. Banks have the means to protect themselves and their users’ accounts. Instead, attackers will go after the weakest links, and those links are the millions of small businesses that are just sophisticated enough to get an online business started but lack the resources and know-how to protect their users’ accounts. These are the targets, and once attackers have successfully breached them and gained access to their users’ account data, they may have a 75% chance of being able to log into other high-profile websites. This could include your bank accounts or even your corporation.

They used to attack poorly managed devices that were left vulnerable, or maybe tricked users into installing malware, but now that’s become a bigger challenge for them. Attackers are increasingly going after users’ identities (user names and passwords). They know that ~75% of users use the same password on every site, and even more use the same one across more than one. They attack the small business because that’s the weakest link, and once they have that password they probably have the password for all of the sites. Attackers are increasingly going after identities. Why try to crack an increasingly sophisticated lock when the key may be easily acquired? Based on this, our adversaries are quickly adopting new tactics.

Attackers are increasingly finding it easier to steal a user’s online identity than to exploit vulnerabilities in the product that their targets are using, or to use social engineering to dupe users into installing malware on their device. With an identity the attacker has far more power, as they can literally be “You”. They can log into networks and quietly take the information they want, they can install malware, or they can do both. They really have unlimited power.

So how do they steal your identity? Attackers know very well how “users” behave, and one of the things they know all too well is that the user name and password a user uses on one site is very likely the same one that they use on all of the sites they conduct business on. So if an attacker wants access to your bank account, they don’t need to try and find a way to breach the bank to get your account data; they can instead target the small online business and get your identity from there. Attackers know that small businesses very likely don’t have the resources necessary to secure their sites and customer data, and they’re right. This is why we have seen a dramatic increase in the number of attacks on small businesses in recent years (see the 2013 Verizon report).

15 Need to knows on complex passwords…
Demo: Need to knows on complex passwords…

16 Personal information about you can almost certainly be found there!
There is a prolific and easily accessible black market that facilitates the buying and selling of identities, credit cards, etc. Personal information about you can almost certainly be found there! Talk Track: There is a prolific and easily accessible black market that facilitates the buying and selling of stolen identities, credit cards, etc. Personal information about you and people within your organization can almost certainly be found there and it can be correlated with data sets from other breaches giving them even more insights about your users and your organization.

17

18 And so we have a perfect storm.

19 TODAY

20 Key Takeaways

21 Connect with the speakers!
@ErdalOzkaya @MiladPFE

22 TechNet Virtual Labs
Deep technical content and free product evaluations. Hands-on deep technical labs. Free, online, technical courses.

At the TechNet Evaluation Center you can download free trial versions of Microsoft software, with no feature limits. Dozens of trials are available, all at no cost. Try Windows Server 2012 for up to 180 days. Download the Windows 8 Enterprise 90-day evaluation. Or try Windows Azure at no cost for up to 90 days.

Microsoft Hands On Labs offer virtual environments that will take you through a guided, technically deep product learning experience. Learn at your own pace in labs that you can complete in 90 minutes or less. No complex setup or installation is required to use TechNet Virtual Labs.

Microsoft Virtual Academy provides free online training on the IT scenarios that are important to your company and your career. Learn at your own pace and boost your IT skills with over 100 courses across more than 15 Microsoft technologies including Windows Server, Windows 8, Windows Azure, Office 365, virtualization, Windows Phone, and more.

Download Microsoft software trials today: Technet.microsoft.com/evalcenter
Find Hands On Labs: Technet.microsoft.com/virtuallabs
Take a free online course: microsoftvirtualacademy.com

23

