ShmooCon 2014: How to Increase Attackers' Costs and Protect Your Organization 💡

For more information visit: http://bit.ly/shmooc14 To download the video visit: http://bit.ly/shmooc14_down Playlist Shmoocon 2014: http://bit.ly/shmooc14_pl Speakers: Aaron Beuhring | Kyle Salous Everyone knows that blacklisting is not effective and that whitelisting is a better solution, so why isn't anyone doing it? Organizations continue to spend money on the latest technologies in hopes that if they spend enough they will somehow become secure. Chances are that that these same organizations already own technology that can provide far more powerful defense than new blinking boxes but just haven't taken the time to properly implement it. This talk will present three approaches to whitelisting. While each approach is effective on its own, they are downright deadly when used together. It will show examples of how recent targeted and untargeted attacks could be blocked and will also present scripts, sample GPOs, and methods for implementing these technologies without losing your hair or your job. By the end of the presentation you will have all the tools necessary to frustrate attackers, amaze your coworkers, and impress your CFO.