Attacks Trend & Techniques
What are the current Trends and Techniques used by hackers ?
Oh no, we’ve been hacked, now what? Developing an incident response process
Sooner or later, the unimaginable becomes the inevitable: your information security will get breached and your systems will get attacked. It might be a mild brief denial of service or a full-on concerted effort to wipe you off the Internet, but it will happen. There’s only one real question you need to answer: are you ready? Do you have the skills, techniques, tools, and organization to respond and recover? Fact is, most of us fail to plan for such a fateful day—leading to panic, indecision, and mistakes. Our jobs as defenders of information fall into three overarching categories of protection, detection, reaction. Mobilizing an organized team with a well-designed and tested reaction plan is the only effective way to recover from the attack and quickly return to business as usual. Steve Riley will show you how to build such a team and how to prepare it for success.
It’s 11:00 PM, do you know where your data is?
Long gone are the days when you knew your data was safe because it resided only in your data center. The explosive proliferation of laptops, notebooks, handheld computers, smartphones, removable drives, and Internet file storage demands that we rethink how we protect information. Because it's the information the bad guys are after, and because the information flows so freely from device to device, our obligation is to protect the information. People want to work wherever they can find a computer and an Internet connection. How can you make this work? Steve Riley will consider strategies and explore technologies to help you solve a number of thorny problems: how to classify mobile data, how to keep track of where it is, and how to control its movement.
The fortified data center in your future: Build it now and they will come
Relax for a moment. Let your mind wander to thoughts of your corporate network—with its myriad authentication schemes, its haphazard collection of client computers in various states of (non)conformance, its proliferation of access methods, its data centers with too many ways in and out. Feel like you want to just burn it all down and start over? Well, perhaps you should—and when you do, you can implement something that’s simpler, more secure, well managed, and less expensive. Over the years, Steve Riley has hinted at this idea, advocating the demise of the traditional corporate network, with its no longer useful distinction between “inside” and “outside.” Instead, organizations should move toward using the Internet as their infrastructure, where all clients and a physically and electronically fortified data center live “live on the ‘net.” The question, then, is how to build this data center? Effective security and management are absolutely essential to realize this vision. Steve will show how combining the Microsoft ForeFront family of security products with the System Center family of management solutions provides the necessary foundation for building your data center of the future—today. Don’t delay, because your business competitors are already doing it
The "Stirling" Walkthroughs demonstrate specific "Stirling" technologies. Each walkthrough guides you through a specific scenario that you can recreate in your lab environment.
Protecting Assets From Malware
In this walkthrough, you create "Stirling" groups and "Stirling" policies. You then deploy "Stirling" policies to configure the Forefront Client Security agent on the assets. After verifying the result of the policies on the assets, you then view the result of the policy on the "Stirling" Dashboard. Finally, using sample malware, you test the Client Security agent on the asset and view the result on the "Stirling" Dashboard.
Integrating with Windows Firewall
In this walkthrough, you create Windows Firewall policies in the "Stirling" console, and then deploy them to your assets. After verifying the results on the assets, you then view the results of the policy on the "Stirling" Dashboard. Finally, using a sample application that receives communication from the network, you test the Windows Firewall policy.
Using Security State Assessments
In this walkthrough, you create "Stirling" Security State Assessment (SSA) policies in the "Stirling" console, and then deploy them to your assets. After verifying the results on the assets, you then view the results of the policy on the "Stirling" Dashboard. To see a configuration problem display on the Dashboard, you implement a noncompliant Windows Internet Explorer setting, run a manual SSA scan, and then view those results on the Dashboard.
In this walkthrough, you first create and test "Stirling" policies that automatically remediate security configuration problems. Finally, you edit "Stirling" policies and test manual remediation of security configuration problems.
Automating Security Responses
This walkthrough introduces assessments and response. In this walkthrough, you create an additional group for servers, and you create and configure both manual and automatic security response policies for the desktops and the servers. You then deploy the policies and test the policies with sample malware.
Forefront codename "Stirling" Demo
Watch this online demo to learn how Forefront codename "Stirling" is an integrated security suite that delivers comprehensive protection across endpoint, servers and the edge that is easier to manage and control.
Learning Path for Security: Simplifying Security Infrastructure with Microsoft Forefront
Learn about security solutions for the client operating system, application servers, and the network edge. Find out more about Forefront Client Security, Forefront Security for Exchange Server, Forefront Security for SharePoint, Internet and Acceleration (ISA) Server 2006, and Intelligent Application Gateway 2007
Forefront Virtual Labs
Try out the features of ISA Server 2006 in these virtual labs. You can also experiment with ISA Server advanced application-layer firewall, VPN, and Web cache solution, and learn more about securing Exchange Server with ISA, in the ISA 2004 virtual labs. Or try the Forefront Edge Security and Access lab to learn about remote access with Intelligent Application Gateway 2007 and Internet access protection with ISA Server 2006.
In this post I wanted to put the Belgian WinSec and IT-Talks UG in the spotlight.
IT - Talks
Now that you know more about what this UG is all about let’s replay some of their Chopsticks:
Forefront Identity Manager 2010 (Dutch)
Lately there has been a lot of news and lots changes concerning MS Identity Lifecycle Manager. In a short presentation and in a practical, interactive, demo we will show you around, guided by some practical scenarios. What has changed since MIIS 2003 and ILM 2007? What are the new ILM components? Which resources are available to get started? How to implement out-of-the box scenarios?
Windows XP mode has been designed for small and medium sized businesses and will ease the migration towards Windows 7. There are still quite some older applications on the market that are not completely compatible with Windows 7. Most of the applications that runs well in Windows Vista will run well on Windows 7. For those applications that don’t work well you can use Windows XP mode. Windows XP mode will come with a pre-defined Windows XP Service Pack 3 virtual machine. On this VM you install your applications that have compatibility issues. Virtual PC for Windows 7 allows you to autopublish the installed applications onto your Windows 7 machine. From here you can that start the (XP) applications embedded into your Windows 7 machine.
For customers that manage several Windows PCs running Windows XP Mode and want to simplify management tasks, we offer Microsoft Enterprise Desktop Virtualization (MED-V) as part of the Microsoft Desktop Optimization Pack.
Based on feedback from the Windows XP Mode beta, we’ve made several improvements to the usability of Windows XP Mode for small and medium-sized business users:
Please note: Windows XP Mode RC requires RC or RTM version of Windows 7 Professional, Ultimate or Enterprise. It also requires additional 1 GB of RAM, 15 GB of available disk space, and processor capable of hardware virtualization with AMD-V or Intel VT turned on in the BIOS.
Read More about this announcement
Download Windows XP mode RC