Mimikatz Extravaganza

In every demo about security the tool Mimikatz is at least mentioned. Why not gve a whole session about all the features and functions of mimikatz. this demo heavy session is all about mimikatz and by using this tool you will learn many things about the Microsoft Windows Operating System and how to defend it

By using Mimikatz learning the operation of Microsoft Windows under the hood.

Red Team your device hardend by all Microsoft E5 security features

You have hardend your Windows 10/11 endpoints by enabling all the security features provided, ASR rules, Defender for Endpoint, EDR/MDR, Bitlocker, Applocker.

Let's have a look what happens if we try to become local admin on the device, will we succeed ?

What alerts do we see, what is blocked, what is expected, what was unexpected ?

Building and testing your Incident Response Plan. Be Prepared when the sh*t hits the fan.

An Incident Response Plan is something valueable to have in the case of an incident. But where to start and what to cover in an incident response plan.

After the write up , how do I know the right things are on paper ? Let's test the scenario with your CIRT Team and what are your opions and powershell ready to use CMDlets to operate fast and effective in the search for where the incident took place.

Hybrid Cloud Trust Model - a deep dive

Microsoft introduced an easier te implement version of Certificate Trust or Key Trust to make a single sign on experience form a modern workplace device to on-premises resources.

In this session the different models , certificate trust, key trust and Hybrid Cloud Trust *by AD Connect) will be explained and demonstrated.

This session will be a deep dive about the differences (advantages and disadvatages of the different methods and clarify the role of windows hello for business in this case.

A deep dive about the different implementation models provided by microsoft to integrate a modern workplace in an on-premises infrastructure. Certificate Trust, Key Trust and Hybrid Cloud Trust