Protecting Windows Credentials: An Excessive Guide for Security Professionals
Date: July 26 2017
Publication: BSidesLV 2017
Source: Currently no known Internet copy of paper.
Abstract or Summary:
Average users might never be safe from credential-theft on Windows, but security professionals have a significant enough threat model and have the necessary skills to protect themselves beyond clicking on a few UAC prompts. Through some extreme hardening measures, a handful of 3rd party and custom tools, and perhaps a few over-the-top security practices, you will learn to turn a default Windows installation into a highly secure computing environment.
Because Windows is a leaky bucket when it comes to user credentials, it's critical that you understand the Windows security model and mitigations available, but it is also important to use those features to the fullest, way beyond what a regular IT professional might apply. It's vital to know exactly what is happening on your system and be aware of any changes that might affect security. You must maximize the encryption facilities available to you and implement extra measures where appropriate.
Windows is a huge operating system with an attack surface to match. It has a legacy of insecurity but certainly is capable of becoming a solid computing environment.
PasswordResearch.com Note: Video of presentation: https://www.youtube.com/watch?v=jiocy0D181k
Do you have additional information to contribute regarding this research paper? If so, please email email@example.com with the details.