Securing Windows with (some) Group Policy Sat, 21 Apr 2018 2:15pm (1h) Track 3

When you buy a house what's the first thing you do? Me, I replace the locks. It’s the same with operating systems. Just because you installed the OS, doesn’t mean it’s secure. You need to configure/harden it!

Group Policy exists in almost every modern business environment. Many organizations either do not use it or do not use it as extensively as they should.

Do you understand Group Policy processing? Did you know you can manage both Active Directory groups and user rights? What about running Scheduled Tasks and do you even Manage Services, bro? Why do all your Administrative accounts have extra permissions like Debug Programs? And why the hell are you afraid of AppLocker?

Remember, Group Policy is an ENTERPRISE scale registry editor.

Avatar square?t=1519162192
Josh Rickard

Josh is an experienced IT & DFIR professional who focuses on Windows Security and automation using PowerShell & Python. He is a GIAC Certified Windows Security Administrator (GCWN) and GIAC Certified Forensic Analyst (GCFA). You can reach Josh at MSAdministrator.com or on Twitter at @MS_dministrator.

BSidesKC 2018 is powered by BusyConf
Planning your own conference? Get started with BusyConf