Security, Workshops

TF01 Workshop: Ransomware Defense with AppLocker

August 9th, 2024

9:00am - 5:00pm

Level: Intermediate

Sami Laiho

Chief Research Officer

Adminize

"In 2020+ the most important security measure in enterprises is whitelisting" said Gartner and multiple other agencies. Only the inventory of assets has now bypassed it on the list. On the other hand, if you don't have binary control, it's impossible to keep software inventory up to date. Since 2021 the most used initial attack vector by Ransomware changed from Phishing to Unpatched Vulnerabilities - the way to limit the enormous amount of patching is to limit and control the binaries you allow. In Windows this means you need to implement AppLocker, which now is available for PRO-versions as well! Join this workshop where one of the leading experts in Windows OS and Security, Sami Laiho, shows you how to effectively and securely deploy AppLocker in your environment. Sami has deployed AppLocker for tens and tens of companies ranging from one-man to 500000+ seat companies. You will learn how to run the project, how to manage AppLocker and how to keep it secure. You will also receive prebuilt, pre-hardened, configurations that you can use at your own company. Even if you don’t want to use AppLocker, but a 3rd party solution, or if you want to deploy the new Windows Defender Application Control, you can apply this knowledge.

You will learn:

  • How to deploy AppLocker without upsetting users
  • How to manage AppLocker and take down the amount of work for ServiceDesk
  • How to run AppLocker with tens of rules, instead of thousands