SlideShare a Scribd company logo

App locker

‱Download as PPT, PDF‱
‱
C
Concentrated Technology
Technology
1 of 36
Eliminating Malware, Inappropriate Software, and Most IT Problems with AppLocker Greg Shields, MVP, vExpert Head Geek, Concentrated Technology www.ConcentratedTech.com
This slide deck was used in one of our many conference presentations. We hope you enjoy it, and invite you to use it within your own organization however you like. For more information on our company, including information on private classes and upcoming conference appearances, please visit our Web site, www.ConcentratedTech.com . For links to newly-posted decks, follow us on Twitter: @concentrateddon or @concentratdgreg This work is copyright ©Concentrated Technology, LLC
Agenda ,[object Object],[object Object],[object Object],[object Object],[object Object]
DISCUSS: What Security Tools are You Using Today? ,[object Object],[object Object],[object Object]
Part I: Today ’s IT Security is All Backwards. AppLocker Puts the Horse Before the Cart .
Anti-Virus, Anti-Malware, Anti-Oh My! ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Anti-Virus, Anti-Malware, Anti-Oh My! ,[object Object],[object Object],[object Object],[object Object]
The Dreaded Zero-Day ,[object Object],[object Object]
The Dreaded Zero-Day ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
DISCUSS: So How Then Could You Protect Yourself Against Something You Know Nothing About? ,[object Object],[object Object],[object Object],[object Object]
AppLocker Changes the Mindset ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Blacklisting, the “Old” Way ,[object Object],[object Object]
Blacklisting, the “Old” Way ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Blacklisting, the “Old” Way ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],
 but the problem arrives when someone writes a piece of code that you haven ’t seen before. Now, you have to figure out what it is and what it does so you can prevent it.
Whitelisting, the “New” Way ,[object Object],[object Object]
Whitelisting, the “New” Way ,[object Object],[object Object],Hey Greg: Tell the story now about that one guy at your very first TechMentor! You know, the guy who needed to personally approve every application!
DISCUSS: So, was this guy crazy, or brilliant? ,[object Object],[object Object],[object Object]
Whitelisting, the “New” Way ,[object Object],[object Object],[object Object],Interestingly enough: AppLocker ’s older brother “Software Restriction Policies” highlighted both blacklisting and whitelisting. With Applocker, focus on the white .
Whitelisting, the “New” Way ,[object Object],[object Object],[object Object],[object Object],Some will argue that these are even more exciting than anti-malware!
DEMO: Timeout for a Quick “Where is AppLocker” Demo. ,[object Object],[object Object]
Part II: Implementing AppLocker (Without Completely Screwing Up Your Network!)
What you Need ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
The Plan. ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
#1: Determine How to Implement AppLocker ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
#2: Create a List of Applications ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Automatically Generate Rules
#3: Select the Types of Rules to Create ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Rule Conditions ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Rule Conditions
Default Rules ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
#4: Define the Group Policy Structure and Rule Enforcement ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
#5: Create a Process for Managing Rules ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
#6: Document the Plan ,[object Object],[object Object],[object Object]
What if you DO Screw Up? ,[object Object],[object Object],[object Object],[object Object],[object Object]
 
This slide deck was used in one of our many conference presentations. We hope you enjoy it, and invite you to use it within your own organization however you like. For more information on our company, including information on private classes and upcoming conference appearances, please visit our Web site, www.ConcentratedTech.com . For links to newly-posted decks, follow us on Twitter: @concentrateddon or @concentratdgreg This work is copyright ©Concentrated Technology, LLC

Recommended

DDoS Attacks
DDoS AttacksDDoS Attacks
DDoS AttacksJignesh Patel
 
Denial of Service Attacks (DoS/DDoS)
Denial of Service Attacks (DoS/DDoS)Denial of Service Attacks (DoS/DDoS)
Denial of Service Attacks (DoS/DDoS)Gaurav Sharma
 
Zero-Day Vulnerability and Heuristic Analysis
Zero-Day Vulnerability and Heuristic AnalysisZero-Day Vulnerability and Heuristic Analysis
Zero-Day Vulnerability and Heuristic AnalysisAhmed Banafa
 
Mobile Application Security
Mobile Application SecurityMobile Application Security
Mobile Application SecurityDirk Nicol
 
Nessus-Vulnerability Tester
Nessus-Vulnerability TesterNessus-Vulnerability Tester
Nessus-Vulnerability TesterAditya Jain
 
Denial of service
Denial of serviceDenial of service
Denial of servicegarishma bhatia
 
Single Sign On - The Basics
Single Sign On - The BasicsSingle Sign On - The Basics
Single Sign On - The BasicsIshan A B Ambanwela
 
Nessus Basics
Nessus BasicsNessus Basics
Nessus Basicsamiable_indian
 

Recommended

DDoS Attacks
DDoS AttacksDDoS Attacks
DDoS AttacksJignesh Patel
 
Denial of Service Attacks (DoS/DDoS)
Denial of Service Attacks (DoS/DDoS)Denial of Service Attacks (DoS/DDoS)
Denial of Service Attacks (DoS/DDoS)Gaurav Sharma
 
Zero-Day Vulnerability and Heuristic Analysis
Zero-Day Vulnerability and Heuristic AnalysisZero-Day Vulnerability and Heuristic Analysis
Zero-Day Vulnerability and Heuristic AnalysisAhmed Banafa
 
Mobile Application Security
Mobile Application SecurityMobile Application Security
Mobile Application SecurityDirk Nicol
 
Nessus-Vulnerability Tester
Nessus-Vulnerability TesterNessus-Vulnerability Tester
Nessus-Vulnerability TesterAditya Jain
 
Denial of service
Denial of serviceDenial of service
Denial of servicegarishma bhatia
 
Single Sign On - The Basics
Single Sign On - The BasicsSingle Sign On - The Basics
Single Sign On - The BasicsIshan A B Ambanwela
 
Nessus Basics
Nessus BasicsNessus Basics
Nessus Basicsamiable_indian
 
WannaCry / Wannacrypt Ransomware
WannaCry / Wannacrypt RansomwareWannaCry / Wannacrypt Ransomware
WannaCry / Wannacrypt RansomwareAyoub Rouzi
 
Malware & Anti-Malware
Malware & Anti-MalwareMalware & Anti-Malware
Malware & Anti-MalwareArpit Mittal
 
Malware analysis
Malware analysisMalware analysis
Malware analysisPrakashchand Suthar
 
Cyber kill chain
Cyber kill chainCyber kill chain
Cyber kill chainAnkita Ganguly
 
Web Hacking
Web HackingWeb Hacking
Web HackingInformation Technology
 
Ethical hacking presentation
Ethical hacking presentationEthical hacking presentation
Ethical hacking presentationSuryansh Srivastava
 
Nessus Software
Nessus SoftwareNessus Software
Nessus SoftwareMegha Sahu
 
Image encryption and decryption
Image encryption and decryptionImage encryption and decryption
Image encryption and decryptionAashish R
 
Single sign on - SSO
Single sign on - SSOSingle sign on - SSO
Single sign on - SSOAjit Dadresa
 
Malware classification using Machine Learning
Malware classification using Machine LearningMalware classification using Machine Learning
Malware classification using Machine LearningJapneet Singh
 
penetration test using Kali linux seminar report
penetration test using Kali linux seminar reportpenetration test using Kali linux seminar report
penetration test using Kali linux seminar reportAbhayNaik8
 
Spyware
SpywareSpyware
SpywareIshita Bansal
 
How to Test for The OWASP Top Ten
How to Test for The OWASP Top Ten How to Test for The OWASP Top Ten
How to Test for The OWASP Top TenSecurity Innovation
 
DDoS - Distributed Denial of Service
DDoS - Distributed Denial of ServiceDDoS - Distributed Denial of Service
DDoS - Distributed Denial of ServiceEr. Shiva K. Shrestha
 
Cross Site Scripting ( XSS)
Cross Site Scripting ( XSS)Cross Site Scripting ( XSS)
Cross Site Scripting ( XSS)Amit Tyagi
 
Keyloggers and Spywares
Keyloggers and SpywaresKeyloggers and Spywares
Keyloggers and SpywaresAnkit Mistry
 
Malware Detection using Machine Learning
Malware Detection using Machine Learning Malware Detection using Machine Learning
Malware Detection using Machine Learning Cysinfo Cyber Security Community
 
Common malware and countermeasures
Common malware and countermeasuresCommon malware and countermeasures
Common malware and countermeasuresNoushin Ahson
 
Malware detection-using-machine-learning
Malware detection-using-machine-learningMalware detection-using-machine-learning
Malware detection-using-machine-learningSecurity Bootcamp
 
Jhon the ripper
Jhon the ripper Jhon the ripper
Jhon the ripper Merve Karabudağ
 
Moskowitz Whitepaper Microsoft App Locker And Beyond
Moskowitz Whitepaper Microsoft App Locker And BeyondMoskowitz Whitepaper Microsoft App Locker And Beyond
Moskowitz Whitepaper Microsoft App Locker And BeyondCoreTrace Corporation
 
Windows 7 Enhanced Security And Control
Windows 7 Enhanced Security And ControlWindows 7 Enhanced Security And Control
Windows 7 Enhanced Security And ControlKeith Combs
 

More Related Content

What's hot

WannaCry / Wannacrypt Ransomware
WannaCry / Wannacrypt RansomwareWannaCry / Wannacrypt Ransomware
WannaCry / Wannacrypt RansomwareAyoub Rouzi
 
Malware & Anti-Malware
Malware & Anti-MalwareMalware & Anti-Malware
Malware & Anti-MalwareArpit Mittal
 
Cyber kill chain
Cyber kill chainCyber kill chain
Cyber kill chainAnkita Ganguly
 
Ethical hacking presentation
Ethical hacking presentationEthical hacking presentation
Ethical hacking presentationSuryansh Srivastava
 
Nessus Software
Nessus SoftwareNessus Software
Nessus SoftwareMegha Sahu
 
Image encryption and decryption
Image encryption and decryptionImage encryption and decryption
Image encryption and decryptionAashish R
 
Single sign on - SSO
Single sign on - SSOSingle sign on - SSO
Single sign on - SSOAjit Dadresa
 
Malware classification using Machine Learning
Malware classification using Machine LearningMalware classification using Machine Learning
Malware classification using Machine LearningJapneet Singh
 
penetration test using Kali linux seminar report
penetration test using Kali linux seminar reportpenetration test using Kali linux seminar report
penetration test using Kali linux seminar reportAbhayNaik8
 
How to Test for The OWASP Top Ten
How to Test for The OWASP Top Ten How to Test for The OWASP Top Ten
How to Test for The OWASP Top TenSecurity Innovation
 
DDoS - Distributed Denial of Service
DDoS - Distributed Denial of ServiceDDoS - Distributed Denial of Service
DDoS - Distributed Denial of ServiceEr. Shiva K. Shrestha
 
Cross Site Scripting ( XSS)
Cross Site Scripting ( XSS)Cross Site Scripting ( XSS)
Cross Site Scripting ( XSS)Amit Tyagi
 
Keyloggers and Spywares
Keyloggers and SpywaresKeyloggers and Spywares
Keyloggers and SpywaresAnkit Mistry
 
Common malware and countermeasures
Common malware and countermeasuresCommon malware and countermeasures
Common malware and countermeasuresNoushin Ahson
 
Malware detection-using-machine-learning
Malware detection-using-machine-learningMalware detection-using-machine-learning
Malware detection-using-machine-learningSecurity Bootcamp
 

What's hot (20)

WannaCry / Wannacrypt Ransomware
WannaCry / Wannacrypt RansomwareWannaCry / Wannacrypt Ransomware
WannaCry / Wannacrypt Ransomware
 
Malware & Anti-Malware
Malware & Anti-MalwareMalware & Anti-Malware
Malware & Anti-Malware
 
Malware analysis
Malware analysisMalware analysis
Malware analysis
 
Cyber kill chain
Cyber kill chainCyber kill chain
Cyber kill chain
 
Web Hacking
Web HackingWeb Hacking
Web Hacking
 
Ethical hacking presentation
Ethical hacking presentationEthical hacking presentation
Ethical hacking presentation
 
Nessus Software
Nessus SoftwareNessus Software
Nessus Software
 
Image encryption and decryption
Image encryption and decryptionImage encryption and decryption
Image encryption and decryption
 
Single sign on - SSO
Single sign on - SSOSingle sign on - SSO
Single sign on - SSO
 
Malware classification using Machine Learning
Malware classification using Machine LearningMalware classification using Machine Learning
Malware classification using Machine Learning
 
penetration test using Kali linux seminar report
penetration test using Kali linux seminar reportpenetration test using Kali linux seminar report
penetration test using Kali linux seminar report
 
Spyware
SpywareSpyware
Spyware
 
How to Test for The OWASP Top Ten
How to Test for The OWASP Top Ten How to Test for The OWASP Top Ten
How to Test for The OWASP Top Ten
 
DDoS - Distributed Denial of Service
DDoS - Distributed Denial of ServiceDDoS - Distributed Denial of Service
DDoS - Distributed Denial of Service
 
Cross Site Scripting ( XSS)
Cross Site Scripting ( XSS)Cross Site Scripting ( XSS)
Cross Site Scripting ( XSS)
 
Keyloggers and Spywares
Keyloggers and SpywaresKeyloggers and Spywares
Keyloggers and Spywares
 
Malware Detection using Machine Learning
Malware Detection using Machine Learning Malware Detection using Machine Learning
Malware Detection using Machine Learning
 
Common malware and countermeasures
Common malware and countermeasuresCommon malware and countermeasures
Common malware and countermeasures
 
Malware detection-using-machine-learning
Malware detection-using-machine-learningMalware detection-using-machine-learning
Malware detection-using-machine-learning
 
Jhon the ripper
Jhon the ripper Jhon the ripper
Jhon the ripper
 

Viewers also liked

Moskowitz Whitepaper Microsoft App Locker And Beyond
Moskowitz Whitepaper Microsoft App Locker And BeyondMoskowitz Whitepaper Microsoft App Locker And Beyond
Moskowitz Whitepaper Microsoft App Locker And BeyondCoreTrace Corporation
 
Windows 7 Enhanced Security And Control
Windows 7 Enhanced Security And ControlWindows 7 Enhanced Security And Control
Windows 7 Enhanced Security And ControlKeith Combs
 
Microsoft. Đ˜Đ»ŃŒŃ ĐšĐŸŃ€ĐžĐœ. "ХДрĐČосы Microsoft ĐŽĐ»Ń ĐŸĐ±Đ”ŃĐżĐ”Ń‡Đ”ĐœĐžŃ Đ±Đ”Đ·ĐŸĐżĐ°ŃĐœĐŸŃŃ‚Đž Đž ĐșĐŸĐœŃ‚...
Microsoft. Đ˜Đ»ŃŒŃ ĐšĐŸŃ€ĐžĐœ. "ХДрĐČосы Microsoft ĐŽĐ»Ń ĐŸĐ±Đ”ŃĐżĐ”Ń‡Đ”ĐœĐžŃ Đ±Đ”Đ·ĐŸĐżĐ°ŃĐœĐŸŃŃ‚Đž Đž ĐșĐŸĐœŃ‚...Microsoft. Đ˜Đ»ŃŒŃ ĐšĐŸŃ€ĐžĐœ. "ХДрĐČосы Microsoft ĐŽĐ»Ń ĐŸĐ±Đ”ŃĐżĐ”Ń‡Đ”ĐœĐžŃ Đ±Đ”Đ·ĐŸĐżĐ°ŃĐœĐŸŃŃ‚Đž Đž ĐșĐŸĐœŃ‚...
Microsoft. Đ˜Đ»ŃŒŃ ĐšĐŸŃ€ĐžĐœ. "ХДрĐČосы Microsoft ĐŽĐ»Ń ĐŸĐ±Đ”ŃĐżĐ”Ń‡Đ”ĐœĐžŃ Đ±Đ”Đ·ĐŸĐżĐ°ŃĐœĐŸŃŃ‚Đž Đž ĐșĐŸĐœŃ‚...Expolink
 
Windows 7 by microsoft
Windows 7 by microsoft Windows 7 by microsoft
Windows 7 by microsoft Kenneth Endfinger
 
Ad disasters & how to prevent them
Ad disasters & how to prevent themAd disasters & how to prevent them
Ad disasters & how to prevent themConcentrated Technology
 
PowerShell crashcourse for Sharepoint admins
PowerShell crashcourse for Sharepoint adminsPowerShell crashcourse for Sharepoint admins
PowerShell crashcourse for Sharepoint adminsConcentrated Technology
 
PowerShell Functions
PowerShell FunctionsPowerShell Functions
PowerShell Functionsmikepfeiffer
 
VDI-in-a-Box: Microsoft Desktop Virtualization for Smaller Businesses and Uses
VDI-in-a-Box: Microsoft Desktop Virtualization for Smaller Businesses and UsesVDI-in-a-Box: Microsoft Desktop Virtualization for Smaller Businesses and Uses
VDI-in-a-Box: Microsoft Desktop Virtualization for Smaller Businesses and UsesConcentrated Technology
 
Best free tools for win database admin
Best free tools for win database adminBest free tools for win database admin
Best free tools for win database adminConcentrated Technology
 

Viewers also liked (20)

Moskowitz Whitepaper Microsoft App Locker And Beyond
Moskowitz Whitepaper Microsoft App Locker And BeyondMoskowitz Whitepaper Microsoft App Locker And Beyond
Moskowitz Whitepaper Microsoft App Locker And Beyond
 
Windows 7 Enhanced Security And Control
Windows 7 Enhanced Security And ControlWindows 7 Enhanced Security And Control
Windows 7 Enhanced Security And Control
 
Microsoft. Đ˜Đ»ŃŒŃ ĐšĐŸŃ€ĐžĐœ. "ХДрĐČосы Microsoft ĐŽĐ»Ń ĐŸĐ±Đ”ŃĐżĐ”Ń‡Đ”ĐœĐžŃ Đ±Đ”Đ·ĐŸĐżĐ°ŃĐœĐŸŃŃ‚Đž Đž ĐșĐŸĐœŃ‚...
Microsoft. Đ˜Đ»ŃŒŃ ĐšĐŸŃ€ĐžĐœ. "ХДрĐČосы Microsoft ĐŽĐ»Ń ĐŸĐ±Đ”ŃĐżĐ”Ń‡Đ”ĐœĐžŃ Đ±Đ”Đ·ĐŸĐżĐ°ŃĐœĐŸŃŃ‚Đž Đž ĐșĐŸĐœŃ‚...Microsoft. Đ˜Đ»ŃŒŃ ĐšĐŸŃ€ĐžĐœ. "ХДрĐČосы Microsoft ĐŽĐ»Ń ĐŸĐ±Đ”ŃĐżĐ”Ń‡Đ”ĐœĐžŃ Đ±Đ”Đ·ĐŸĐżĐ°ŃĐœĐŸŃŃ‚Đž Đž ĐșĐŸĐœŃ‚...
Microsoft. Đ˜Đ»ŃŒŃ ĐšĐŸŃ€ĐžĐœ. "ХДрĐČосы Microsoft ĐŽĐ»Ń ĐŸĐ±Đ”ŃĐżĐ”Ń‡Đ”ĐœĐžŃ Đ±Đ”Đ·ĐŸĐżĐ°ŃĐœĐŸŃŃ‚Đž Đž ĐșĐŸĐœŃ‚...
 
Windows 7 by microsoft
Windows 7 by microsoft Windows 7 by microsoft
Windows 7 by microsoft
 
Managing SQLserver
Managing SQLserverManaging SQLserver
Managing SQLserver
 
Server Core2
Server Core2Server Core2
Server Core2
 
PS error handling and debugging
PS error handling and debuggingPS error handling and debugging
PS error handling and debugging
 
Ad disasters & how to prevent them
Ad disasters & how to prevent themAd disasters & how to prevent them
Ad disasters & how to prevent them
 
PowerShell crashcourse for Sharepoint admins
PowerShell crashcourse for Sharepoint adminsPowerShell crashcourse for Sharepoint admins
PowerShell crashcourse for Sharepoint admins
 
PowerShell crash course
PowerShell crash coursePowerShell crash course
PowerShell crash course
 
Ha & drs gotcha's
Ha & drs gotcha'sHa & drs gotcha's
Ha & drs gotcha's
 
PowerShell crashcourse
PowerShell crashcoursePowerShell crashcourse
PowerShell crashcourse
 
PowerShell Functions
PowerShell FunctionsPowerShell Functions
PowerShell Functions
 
PowerShell custom properties
PowerShell custom propertiesPowerShell custom properties
PowerShell custom properties
 
VDI-in-a-Box: Microsoft Desktop Virtualization for Smaller Businesses and Uses
VDI-in-a-Box: Microsoft Desktop Virtualization for Smaller Businesses and UsesVDI-in-a-Box: Microsoft Desktop Virtualization for Smaller Businesses and Uses
VDI-in-a-Box: Microsoft Desktop Virtualization for Smaller Businesses and Uses
 
Best free tools for w d a
Best free tools for w d aBest free tools for w d a
Best free tools for w d a
 
PowerShell 8tips
PowerShell 8tipsPowerShell 8tips
PowerShell 8tips
 
From VB Script to PowerShell
From VB Script to PowerShellFrom VB Script to PowerShell
From VB Script to PowerShell
 
Meet Windows PowerShell
Meet Windows PowerShellMeet Windows PowerShell
Meet Windows PowerShell
 
Best free tools for win database admin
Best free tools for win database adminBest free tools for win database admin
Best free tools for win database admin
 

Similar to App locker

Cyber Defense Forensic Analyst - Real World Hands-on Examples
Cyber Defense Forensic Analyst - Real World Hands-on ExamplesCyber Defense Forensic Analyst - Real World Hands-on Examples
Cyber Defense Forensic Analyst - Real World Hands-on ExamplesSandeep Kumar Seeram
 
Finalppt metasploit
Finalppt metasploitFinalppt metasploit
Finalppt metasploitdevilback
 
Security by Weston Hecker
Security by Weston HeckerSecurity by Weston Hecker
Security by Weston HeckerEC-Council
 
10 Best DevSecOps Tools for 2023
10 Best DevSecOps Tools for 202310 Best DevSecOps Tools for 2023
10 Best DevSecOps Tools for 2023SofiaCarter4
 
Whittaker How To Break Software Security - SoftTest Ireland
Whittaker How To Break Software Security - SoftTest IrelandWhittaker How To Break Software Security - SoftTest Ireland
Whittaker How To Break Software Security - SoftTest IrelandDavid O'Dowd
 
The Emergent Cloud Security Toolchain for CI/CD
The Emergent Cloud Security Toolchain for CI/CDThe Emergent Cloud Security Toolchain for CI/CD
The Emergent Cloud Security Toolchain for CI/CDJames Wickett
 
DevSecOps and the CI/CD Pipeline
DevSecOps and the CI/CD Pipeline DevSecOps and the CI/CD Pipeline
DevSecOps and the CI/CD PipelineJames Wickett
 
Web Security: What's wrong, and how the bad guys can break your website
Web Security: What's wrong, and how the bad guys can break your websiteWeb Security: What's wrong, and how the bad guys can break your website
Web Security: What's wrong, and how the bad guys can break your websiteAndrew Sorensen
 
The DevSecOps Builder’s Guide to the CI/CD Pipeline
The DevSecOps Builder’s Guide to the CI/CD PipelineThe DevSecOps Builder’s Guide to the CI/CD Pipeline
The DevSecOps Builder’s Guide to the CI/CD PipelineJames Wickett
 
SELJE - VFP and IT Security.pdf
SELJE - VFP and IT Security.pdfSELJE - VFP and IT Security.pdf
SELJE - VFP and IT Security.pdfEric Selje
 
Showing How Security Has (And Hasn't) Improved, After Ten Years Of Trying
Showing How Security Has (And Hasn't) Improved, After Ten Years Of TryingShowing How Security Has (And Hasn't) Improved, After Ten Years Of Trying
Showing How Security Has (And Hasn't) Improved, After Ten Years Of TryingDan Kaminsky
 
CHAPTER 3 BASIC DYNAMIC ANALYSIS.ppt
CHAPTER 3 BASIC DYNAMIC ANALYSIS.pptCHAPTER 3 BASIC DYNAMIC ANALYSIS.ppt
CHAPTER 3 BASIC DYNAMIC ANALYSIS.pptManjuAppukuttan2
 
Top 10 Software to Detect & Prevent Security Vulnerabilities from BlackHat US...
Top 10 Software to Detect & Prevent Security Vulnerabilities from BlackHat US...Top 10 Software to Detect & Prevent Security Vulnerabilities from BlackHat US...
Top 10 Software to Detect & Prevent Security Vulnerabilities from BlackHat US...Mobodexter
 
Teensy Programming for Everyone
Teensy Programming for EveryoneTeensy Programming for Everyone
Teensy Programming for EveryoneNikhil Mittal
 
SANS Digital Forensics and Incident Response Poster 2012
SANS Digital Forensics and Incident Response Poster 2012SANS Digital Forensics and Incident Response Poster 2012
SANS Digital Forensics and Incident Response Poster 2012Rian Yulian
 
Checking Windows for signs of compromise
Checking Windows for signs of compromiseChecking Windows for signs of compromise
Checking Windows for signs of compromiseCal Bryant
 
Software Security Assurance for DevOps
Software Security Assurance for DevOpsSoftware Security Assurance for DevOps
Software Security Assurance for DevOpsBlack Duck by Synopsys
 

Similar to App locker (20)

Cyber Defense Forensic Analyst - Real World Hands-on Examples
Cyber Defense Forensic Analyst - Real World Hands-on ExamplesCyber Defense Forensic Analyst - Real World Hands-on Examples
Cyber Defense Forensic Analyst - Real World Hands-on Examples
 
Finalppt metasploit
Finalppt metasploitFinalppt metasploit
Finalppt metasploit
 
Security by Weston Hecker
Security by Weston HeckerSecurity by Weston Hecker
Security by Weston Hecker
 
10 Best DevSecOps Tools for 2023
10 Best DevSecOps Tools for 202310 Best DevSecOps Tools for 2023
10 Best DevSecOps Tools for 2023
 
Whittaker How To Break Software Security - SoftTest Ireland
Whittaker How To Break Software Security - SoftTest IrelandWhittaker How To Break Software Security - SoftTest Ireland
Whittaker How To Break Software Security - SoftTest Ireland
 
The Emergent Cloud Security Toolchain for CI/CD
The Emergent Cloud Security Toolchain for CI/CDThe Emergent Cloud Security Toolchain for CI/CD
The Emergent Cloud Security Toolchain for CI/CD
 
DevSecOps and the CI/CD Pipeline
DevSecOps and the CI/CD Pipeline DevSecOps and the CI/CD Pipeline
DevSecOps and the CI/CD Pipeline
 
Web Security: What's wrong, and how the bad guys can break your website
Web Security: What's wrong, and how the bad guys can break your websiteWeb Security: What's wrong, and how the bad guys can break your website
Web Security: What's wrong, and how the bad guys can break your website
 
The DevSecOps Builder’s Guide to the CI/CD Pipeline
The DevSecOps Builder’s Guide to the CI/CD PipelineThe DevSecOps Builder’s Guide to the CI/CD Pipeline
The DevSecOps Builder’s Guide to the CI/CD Pipeline
 
SELJE - VFP and IT Security.pdf
SELJE - VFP and IT Security.pdfSELJE - VFP and IT Security.pdf
SELJE - VFP and IT Security.pdf
 
Showing How Security Has (And Hasn't) Improved, After Ten Years Of Trying
Showing How Security Has (And Hasn't) Improved, After Ten Years Of TryingShowing How Security Has (And Hasn't) Improved, After Ten Years Of Trying
Showing How Security Has (And Hasn't) Improved, After Ten Years Of Trying
 
CHAPTER 3 BASIC DYNAMIC ANALYSIS.ppt
CHAPTER 3 BASIC DYNAMIC ANALYSIS.pptCHAPTER 3 BASIC DYNAMIC ANALYSIS.ppt
CHAPTER 3 BASIC DYNAMIC ANALYSIS.ppt
 
Top 10 Software to Detect & Prevent Security Vulnerabilities from BlackHat US...
Top 10 Software to Detect & Prevent Security Vulnerabilities from BlackHat US...Top 10 Software to Detect & Prevent Security Vulnerabilities from BlackHat US...
Top 10 Software to Detect & Prevent Security Vulnerabilities from BlackHat US...
 
Teensy Programming for Everyone
Teensy Programming for EveryoneTeensy Programming for Everyone
Teensy Programming for Everyone
 
SANS Digital Forensics and Incident Response Poster 2012
SANS Digital Forensics and Incident Response Poster 2012SANS Digital Forensics and Incident Response Poster 2012
SANS Digital Forensics and Incident Response Poster 2012
 
Checking Windows for signs of compromise
Checking Windows for signs of compromiseChecking Windows for signs of compromise
Checking Windows for signs of compromise
 
Open source software
Open source softwareOpen source software
Open source software
 
Cutting out Malware
Cutting out MalwareCutting out Malware
Cutting out Malware
 
Linux vs windows
Linux vs windowsLinux vs windows
Linux vs windows
 
Software Security Assurance for DevOps
Software Security Assurance for DevOpsSoftware Security Assurance for DevOps
Software Security Assurance for DevOps
 

More from Concentrated Technology

Virtualization auditing & security deck v1.0
Virtualization auditing & security deck v1.0Virtualization auditing & security deck v1.0
Virtualization auditing & security deck v1.0Concentrated Technology
 
Securely connecting to apps over the internet using rds
Securely connecting to apps over the internet using rdsSecurely connecting to apps over the internet using rds
Securely connecting to apps over the internet using rdsConcentrated Technology
 
Prepping software for w7 deployment
Prepping software for w7 deploymentPrepping software for w7 deployment
Prepping software for w7 deploymentConcentrated Technology
 
PowerShell crashcourse for sharepoint
PowerShell crashcourse for sharepointPowerShell crashcourse for sharepoint
PowerShell crashcourse for sharepointConcentrated Technology
 
Managing SQLserver for the reluctant DBA
Managing SQLserver for the reluctant DBAManaging SQLserver for the reluctant DBA
Managing SQLserver for the reluctant DBAConcentrated Technology
 
Managing enterprise with PowerShell remoting
Managing enterprise with PowerShell remotingManaging enterprise with PowerShell remoting
Managing enterprise with PowerShell remotingConcentrated Technology
 
Inventory your network and clients with PowerShell
Inventory your network and clients with PowerShellInventory your network and clients with PowerShell
Inventory your network and clients with PowerShellConcentrated Technology
 
Implementing dr w. hyper v clustering
Implementing dr w. hyper v clusteringImplementing dr w. hyper v clustering
Implementing dr w. hyper v clusteringConcentrated Technology
 

More from Concentrated Technology (20)

Wsus sample scripts
Wsus sample scriptsWsus sample scripts
Wsus sample scripts
 
Wsus best practices
Wsus best practicesWsus best practices
Wsus best practices
 
Virtualization today
Virtualization todayVirtualization today
Virtualization today
 
Virtualization auditing & security deck v1.0
Virtualization auditing & security deck v1.0Virtualization auditing & security deck v1.0
Virtualization auditing & security deck v1.0
 
Vdi in-a-box
Vdi in-a-boxVdi in-a-box
Vdi in-a-box
 
Top ESXi command line v2.0
Top ESXi command line v2.0Top ESXi command line v2.0
Top ESXi command line v2.0
 
Supporting SQLserver
Supporting SQLserverSupporting SQLserver
Supporting SQLserver
 
Securely connecting to apps over the internet using rds
Securely connecting to apps over the internet using rdsSecurely connecting to apps over the internet using rds
Securely connecting to apps over the internet using rds
 
Rapidly deploying software
Rapidly deploying softwareRapidly deploying software
Rapidly deploying software
 
PS scripting and modularization
PS scripting and modularizationPS scripting and modularization
PS scripting and modularization
 
Prepping software for w7 deployment
Prepping software for w7 deploymentPrepping software for w7 deployment
Prepping software for w7 deployment
 
PowerShell Remoting
PowerShell RemotingPowerShell Remoting
PowerShell Remoting
 
PowerShell crashcourse for sharepoint
PowerShell crashcourse for sharepointPowerShell crashcourse for sharepoint
PowerShell crashcourse for sharepoint
 
PowerShell and WMI
PowerShell and WMIPowerShell and WMI
PowerShell and WMI
 
No-script PowerShell v2
No-script PowerShell v2No-script PowerShell v2
No-script PowerShell v2
 
Managing SQLserver for the reluctant DBA
Managing SQLserver for the reluctant DBAManaging SQLserver for the reluctant DBA
Managing SQLserver for the reluctant DBA
 
Managing enterprise with PowerShell remoting
Managing enterprise with PowerShell remotingManaging enterprise with PowerShell remoting
Managing enterprise with PowerShell remoting
 
Inventory your network and clients with PowerShell
Inventory your network and clients with PowerShellInventory your network and clients with PowerShell
Inventory your network and clients with PowerShell
 
Implementing dr w. hyper v clustering
Implementing dr w. hyper v clusteringImplementing dr w. hyper v clustering
Implementing dr w. hyper v clustering
 
Iis implementation
Iis implementationIis implementation
Iis implementation
 

Recently uploaded

Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍾 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍾 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍾 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍾 8923113531 🎰 Avail...gurkirankumar98700
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 

Recently uploaded (20)

Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍾 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍾 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍾 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍾 8923113531 🎰 Avail...
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 

App locker

  • 1. Eliminating Malware, Inappropriate Software, and Most IT Problems with AppLocker Greg Shields, MVP, vExpert Head Geek, Concentrated Technology www.ConcentratedTech.com
  • 2. This slide deck was used in one of our many conference presentations. We hope you enjoy it, and invite you to use it within your own organization however you like. For more information on our company, including information on private classes and upcoming conference appearances, please visit our Web site, www.ConcentratedTech.com . For links to newly-posted decks, follow us on Twitter: @concentrateddon or @concentratdgreg This work is copyright ©Concentrated Technology, LLC
  • 3.
  • 4.
  • 5. Part I: Today ’s IT Security is All Backwards. AppLocker Puts the Horse Before the Cart .
  • 6.
  • 7.
  • 8.
  • 9.
  • 10.
  • 11.
  • 12.
  • 13.
  • 14.
  • 15.
  • 16.
  • 17.
  • 18.
  • 19.
  • 20.
  • 21. Part II: Implementing AppLocker (Without Completely Screwing Up Your Network!)
  • 22.
  • 23.
  • 24.
  • 25.
  • 27.
  • 28.
  • 30.
  • 31.
  • 32.
  • 33.
  • 34.
  • 35.  
  • 36. This slide deck was used in one of our many conference presentations. We hope you enjoy it, and invite you to use it within your own organization however you like. For more information on our company, including information on private classes and upcoming conference appearances, please visit our Web site, www.ConcentratedTech.com . For links to newly-posted decks, follow us on Twitter: @concentrateddon or @concentratdgreg This work is copyright ©Concentrated Technology, LLC

Editor's Notes

  1. MGB 2003 © 2003 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.
  2. Greg Shields
  3. Greg Shields
  4. Greg Shields
  5. Greg Shields
  6. Greg Shields
  7. Greg Shields
  8. Greg Shields
  9. Greg Shields
  10. Greg Shields
  11. Greg Shields
  12. Greg Shields
  13. Greg Shields
  14. Greg Shields
  15. Greg Shields
  16. Greg Shields
  17. Greg Shields
  18. Greg Shields
  19. Greg Shields
  20. Greg Shields
  21. Greg Shields
  22. Greg Shields
  23. Greg Shields
  24. Greg Shields
  25. Greg Shields
  26. Greg Shields
  27. Greg Shields
  28. Greg Shields
  29. Greg Shields
  30. Greg Shields
  31. Greg Shields