Protecting Windows Credentials: An Excessive Guide for Security Professionals
Authors: Mark Burnett

Date: July 26 2017
Publication: BSidesLV 2017
Source: Currently no known Internet copy of paper.

Abstract or Summary:
Average users might never be safe from credential-theft on Windows, but security professionals have a significant enough threat model and have the necessary skills to protect themselves beyond clicking on a few UAC prompts. Through some extreme hardening measures, a handful of 3rd party and custom tools, and perhaps a few over-the-top security practices, you will learn to turn a default Windows installation into a highly secure computing environment.

Because Windows is a leaky bucket when it comes to user credentials, it's critical that you understand the Windows security model and mitigations available, but it is also important to use those features to the fullest, way beyond what a regular IT professional might apply. It's vital to know exactly what is happening on your system and be aware of any changes that might affect security. You must maximize the encryption facilities available to you and implement extra measures where appropriate.

Windows is a huge operating system with an attack surface to match. It has a legacy of insecurity but certainly is capable of becoming a solid computing environment. Note: Video of presentation:

Do you have additional information to contribute regarding this research paper? If so, please email with the details.

<-- Back to Authentication Research Paper Index

[Home] [About Us] [News] [Research]

Copyright © 2019