SLW08: Proactive Security on Windows 10 with Sami Laiho

MP3 Audio [44 MB]MPEG-4 AAC Audio [35 MB]DownloadShow URL

Every day more than 300.000 vulnerabilites are found in our modern operating systems. From iOS/MacOS, Android/Linux to Windows – reactive security approaches will obviously not save us from future attacks. I invited Sami Laiho in another ENGLISH episode of the Sliding Windows to explain how to turn the tables on this issue.

We focus on Window 10, starting from the choice of the proper edition, the importance of Bitlocker, Applocker (and Software Restriction Policies), Group Policies and the prerequisite of using limited user accounts, ending at project Barcelona (aka “Windows Defender Application Guard”) and the future architecture of enterprise grade OS.

This interview was recorded during the MCT Summit 2017 in Thessaloniki on June 11, 2017.

RSS-Feed: AAC | MP3

Direct Download: AAC | MP3

Show notes:

• Scuba diving (Wikipedia)
• about_Certificates
  
• Robert O’Callahan: Disable Your Antivirus Software (Except Microsoft’s)
• Detailled information about vulnerabilites in (amongst others) antivirus software:
  Google’s Project Zero
• Mark Russinovich: Inside Windows Vista User Account Control
• Windows Interrnals 7th edition (Amazon.com)
• Interview with Bruce Payette: The X files (SLW04)
• “The AV-TEST Institute registers over 390,000 new malicious programs every day.” (av-test.org)
• Slack.com
• Paul Bergson: AppLocker – Another Layer in the Defense in Depth Against Malware
• Cold Boot Attacks on Disk Encryption (Princeton University)
  • Blog post
  • Research PDF
• Zubair Alexander : Securing Windows 10 with BitLocker Drive Encryption
• Sami Laiho: Every Windows 10 in-place Upgrade is a SEVERE Security risk
• David das Neves: Demystifying Windows as a Service – wake up! please.
• Chromium procect: GPO template files for Chromium/Chrome browser
• Brandon Records: Documentation Updates for Surface and Windows 10 LTSB Compatibility
• Ash de Zylva: Windows 10 Device Guard and Credential Guard Demystified
• A sandboxed browser: Bromium

Chapters

1. Intro 0:00.000
2. Introducing Sami Laiho 1:28.840
3. Windows vs. Linux 3:59.420
4. Basic security for the mere mortals 7:22.167
5. *locker and Enterprise Edition 11:31.756
6. LTSB 25:00.101
7. The attack surface 34:22.086
8. Limited user accounts 41:19.642
9. Remoting 49:26.623
10. App compat 52:54.990
11. Project Barcelona and beyond 59:30.876
12. Wrrap up: Windows on steriods 1:06:16.338
13. Resources 1:10:41.894
14. Outtro & bonus content 1:13:57.136

References

• Intro and Outtro powered by Microsoft Translator
• samilaiho.com
• Twitter: @samilaiho
• adminize(r) (Software)
• win-fu.com (Training)

Music

• Airtone: nightRain