Mikael Nystrom
DeploymentBunny, the one and only
Stockholm, Sweden
Mikael Nystrom is a Microsoft MVP and Principal Technical Architect at Truesec, with an extremely broad field of competence. He has worked with all kinds of infrastructure tasks, in all kinds of environments, enterprise to small business. He is currently working in the CSIRT, where he is rebuilding, recovering, deploying, configuring and restoring organizations hit by cyberattacks or other incidents. Mikael is a very popular instructor and speaker at major conferences such as Security Summit and MMS.
Area of Expertise
Topics
Cloud OS Deployment using PSD en
PSD is an extension to MDT that makes it possible to deploy Windows anywhere, as long as you have Internet. In this session you will learn all about the new version, the new features and functions that we have added and some pretty cool things.
Deploying Privileged Access Workstations in the real world en
If you manage things like Azure, Active Directory, Intune, Systems Center, VMware or Hyper-V, you should do that using a PAW. In this session you will learn how that is done, in the real world...
Deploying Windows Server - Baremetal as well as Upgrades en
It is time to begin the upgrade of old Windows Servers, in this session you will learn how to deploy Windows Server on physical hardware as well as on virtualized platforms, in a correct, smooth and automated way. You will also learn how to migrate workloads from older systems, or maybe upgrade a few.
Exposing Ransomware Threat Actors: AKIRA en
Throughout 2023 and into early 2024, Akira became one of the fastest growing ransomware variants, targeting Windows, Linux, and VMware ESXi. The group targeted a wide range of businesses and critical infrastructure entities in North America, Europe, and Australia.
In this session we will present insights from the Truesec CSIRT team investigations of ransomware incidents linked to the Akira RaaS group. We will discuss the techniques used by threat actors and describe how they successfully compromise and cripple their victims, including details based on our special research about the abuse of CVE-2020-3259 on Cisco AnyConnect to gain initial access.
Extending the PAW mentality to the cloud en
Conditional Access is the best way to secure administrative access in the cloud. However, simply enabling MFA on your Cloud Admin account is not enough anymore, with prompt abuse attacks and man-in-the-middle attacks as a constant threat.
This session will show you how to extend your PAW mentality to deal with administrative tasks in the cloud.
How to recover Active Directory in a cyberattack with ransomware en
One of the most common scenarios we have: a victim is hit by a cyber attack, everything is encrypted, backups might exist, and we really need to get the Domain Controllers back, safe and sound, without malware or backdoors. In this session you will learn how to do exactly that.
How To Securely Manage Your Environment Remotely en
The question that everyone asks is, "How To Securely Manage Your Environment Remotely", it is a great question, and in this session you will learn exactly that!
Hyper-V vs Azure Stack HCI - What to pick! en
Microsoft provides two solutions for running VMs on-premises. The question is, of course, what should you pick?
In this session you will learn exactly that as we go through and demonstrate the differences, both from a technical point of view and from the financial aspect.
Keep the front door shut - How cybercriminals are abusing Entra ID to gain a foothold. en
Entra ID has become a main point of entry in a lot of incidents around the world.
This session will cover common tactics used by threat actors and how you can start building your Entra ID as safe as possible.
Oops, I can read your Conditional Access Policies without being an admin. en
This session will look at some of the caveats with AAD Graph API. My research found that if you have a token for these APIs, you have pretty much unhindered access for reading and exporting anything that uses AAD Graph.
This includes reading Conditional Access Policies as an end user.
The session will go through how this is possible and how to do it, and demo the toolkit I created for exporting all of this data as an end user.
Securing administrative access to Azure, AD, ConfigMgr, Intune as well as all other important system en
If you are the administrator, you have the keys, and those keys are what the threat actor is looking for. In this session you will learn what you need to do and what needs to be in place for you to be able to manage your environment without the bad guys stealing your keys. Not easy, but doable.
Server Deployment across the Internet without any local infrastructure en
Yes, you can deploy servers and clients across the Internet, and it will be fast. The solution can be used for many reasons, one of them being recovery after cyber attacks. In this session you will learn how to set up this free solution for cloud-based OS deployment.
Tales from Incident response - Great examples on how to be erased en
Working in a Cyber Security Incident Response team is interesting, the reward is huge, and as a side effect you learn what customers should not do. In this session you will learn and understand how to prevent this from happening to you.
Tales from Incident Response: Unmasking the Threat Actor’s Inner Sanctum en
Imagine if You Could Watch Every Step They Take…
Unmasking a threat actor's activities is sometimes like deciphering an ancient manuscript, but what if you can see every move and control when to strike the pause?
This session is not about log analysis, or following the breadcrumbs left by an elusive adversary. It is about having a full timeline of the threat actor's machine and knowing exactly what was done without assumptions or guessing!
The 5 Key Issues Uncovered During Incident Response, that would have prevented ransomware en
Learn 5 things that could have helped customers to avoid being hit by Ransomware and/or Cyberattacks. Based on 33.000 hours of Incident Response work, I can say that I KNOW what prevents attacks and what doesn't. Join this session to learn what actually makes a difference.
The bare minimum – If you do nothing else, do this! en
Most customers know what they need to do, but that could end up in a life-long project. In this session you will learn what actually makes a difference. You will learn that new really cool software might not help as much as you hope; instead, changing behaviour for the administrators will. The session is of course based on real world experience, working in a CSIRT for more than 6 years.
Use Hydration to build solutions en
Join this session to learn to build solutions for lab, test as well as for production using Hydration. Using a hydration kit basically means that you fill out the form and wait until the solution is built. It works as long as PowerShell can be used. At TrueSec we use this to build Private Cloud, Hybrid Cloud, well, we use it for anything that has to do with deploying virtual environments.
What's new in Windows Server 2025 en
In this session you will learn all the new cool things in Windows Server 2025. You will learn (looking at demos of course) things like Hotpatching and new things in Active Directory, SMB, Hyper-V, AI and much more.
What's the future of image-based Windows OS deployment? en
While you might hear that deploying Windows using images is obsolete ('just use Autopilot'), there are a number of scenarios where that's not the case. In this session, we'll explore those scenarios, as well as the tools that are available to perform the process (and some that are going away, e.g. MDT).
Windows Server 2025 - What's up! en
The new version of Windows Server is brand new and contains lots of changes. For one thing, the OS is now built on Windows 11. In this session you will learn all new and important changes, as well as deploying, migrating and upgrading. And yes, we will cover the most important updates for System Center 2025 as well. Expect a very intensive session!
Implementing Administrative Tiering en
Administrative tiering is the practice of securing administrator accounts and ensuring your credentials are not exposed in the wrong place. During this session you will learn how to implement tiering in your Active Directory, why it matters and the common pitfalls.
Manage Servers - In the real world en
In this session you will learn how to use PowerShell for bulk administration and tools like Windows Admin Center (formerly Project Honolulu) for UI-based, single-task administration. You will learn how to configure your servers for remote administration and use the tools, and you will also learn why Remote Desktop should never, ever be used.
Tales from Incident Response en
In the Cyber Security Incident Response Team, also known as CSIRT, we salvage / rescue / recover customers every day. Doing this means we have seen things that no one should see, and we have done things that you cannot even imagine were possible to do. In this session I will summarize what went wrong and what could have prevented it from becoming an incident. This is a session not to miss...
Recovering from Cyber Attacks - How to salvage your Domain Controllers en
When being hit by ransomware or other cyberattacks, the threat actor could get full access to the DA account. In that case, nothing can be trusted, not even the backup. So how do we solve that?
How to manage Windows Server and Client in a secure way en
The most commonly used method of managing Windows is by far the worst, from a security standpoint. In this session you will learn how to manage Windows using various methods and tools, yet efficient and secure.
Azure Stack HCI - The perfect solution to run VMs on-prem, but Azure en
Join this session to learn everything about Azure Stack HCI, the on-premises solution to run Virtual Machines, with full support from Azure, in other words, management from Azure, self-service from Azure, monitoring from Azure, and support from Azure. It also comes with support and functionality that only exists in Azure, like the Azure VDI solution as well as Windows Server 2022 Hotpatching. It is a session you should attend if you care about on-premises VMs.
Stop giving your admin credentials to the bad guys en
Let's face it, if you are the admin, you have all the keys the bad guys want. In this session you will learn how to protect your credentials, so that only YOU can use them. You will learn how to protect the control plane (AD/AAD) and use delegated permissions for everyone using a tiered access model. It is time to step up.
Protect your Admin Account and your Services Accounts! en
Working in the modern world means cyberattacks, in masses. The most common way for attackers to gain access is YOUR admin account; approximately 80% of all attacks are based on stolen admin credentials. In this session you will learn how to protect your admin account, and no, a strong password is not the solution. You need to change the way you work.
Privileged Access Workstations - Deploy and Configure en
In today's world, all management should be done from a Privileged Access Workstation, and in this session you will learn how to deploy them.
OS Deployment from the cloud, with no infrastructure en
In this session you will learn how to build and use the PowerShell Deployment Toolkit Extension, PSD for short. With this free extension to MDT you will be able to deploy operating systems across the internet, extremely fast (we are talking 15-30 minutes), including applications and settings. It also fits directly into any other management framework like AD, AAD, Intune, etc.
OS Deployment directly from the Cloud with no local Infrastructure en
In my work, we need to rapidly deploy computers without any "infrastructure". It could be that we are recovering from a cyber attack; at that time, there is nothing, and there is no time to build or restore a full client OSD solution. Right now, the company needs to survive, and that is what we use PSD for. Want to know more? Join the session to learn everything about PSD (PowerShell Deployment Toolkit Extension for Microsoft Deployment Toolkit).
Manage your Servers using Azure Arc en
This session is all about managing your servers on-premises from the cloud, using Azure Arc. The session covers both the Azure Arc agent and Azure Arc bridge, and you will also learn how to use Azure Update Manager and Windows Admin Center from Azure Arc. If you like the cloud, but have servers, this session is for you.
Backup/Restore/Recover - That works in today's cybersecurity landscape en
Most backup solutions will cover things like hardware, overwritten files, flooding, fire, etc, etc. For the last 4 years I have been working in CSIRT, and so far, what the customer hoped for, did not work at all.
Azure Arc Bridge - Self Service and then some en
Azure Arc bridge is currently in preview, and it extends the Azure Cloud directly into your VMware or Hyper-V environment. You can now build, deploy and manage everything from Azure. The cost? Currently free, expected to be free.
Using PAWs to manage your Azure Stack HCI solution en
Privileged Access Workstations (PAWs) should be used to manage highly sensitive solutions, there is no question about that. The question is how to deploy and protect them correctly. Here is the session where you learn how to start using PAWs.
Windows Server 2022 - What's Up en
Easy, join this session to learn the new cool things about Windows Server 2022 and some System Center 2022 features. Join the session to learn more.
Windows Admin Center - All cool things in 60 minutes en
Windows Admin Center has grown. Each day it gets better and better, and now it is packed with new features, new ways, new integrations. It is awesome. Join this session to learn all about Windows Admin Center.
Hybrid Datacenter with Azure en sv
A majority of companies and organizations are convinced that modern datacenters are built on the hybrid model, that is, selected parts run locally and other parts run in Azure. During a full day you will learn how to use Azure as part of your datacenter. You will learn what you should keep in your local environment, what you can easily move, which parts should be moved together, how you can run Azure locally with Azure Stack, how you can run traditionally but still make use of hybrid solutions with Azure, and also how you switch to a modern infrastructure while still running certain selected parts locally when needed. This will be a day of Azure, IaaS, PaaS, Azure Stack, Azure Pack, Windows Server 2019, PowerShell, Network, Hyper-V, Storage, Active Directory, Azure Active Directory, System Center, Log Analytics and lots of other fun stuff.
Windows Server Management Using Windows Admin Center en
With multiple versions of Windows Server, different versions of RSAT, and MMC being a bit “old”, getting an overview using PowerShell is a bit tricky. Someone must have done something to fix this… And Microsoft has done it! Say hello to Windows Admin Center (FKA "Project Honolulu")! In this session you will learn how to set up and deploy Windows Admin Center in your environment. You will learn management of servers in the UI as well as Role Based Access Configuration and Security configurations, and that will give you a really cool tool to use!
MVP Show Case - Managing a Microsoft-based platform with PowerShell, the right tools and the right attitude en
A session full of demos from MVPs who manage Microsoft-based solutions all day long. This session gives you loads of useful tips and tricks that you can take and use directly in your own environments.
Securing administrative access and privileges en
It is YOU who are the target for an attacker, simply because you as an administrator have access to everything.
In this session you will learn how to protect your administrative privileges and still be able to work efficiently, even via Remote PowerShell. You will learn how to start by tiering your environment, use isolation and real PAWs, understand how Host Guardian Of course we explain how you lift yourself. You will also learn how to correct the environment you already have, whether it is hybrid, cloud-only or on-premises. And, yes, you will get access to all the PowerShell scripts we use to build and configure this. The session is based entirely on practical experience.
Migrate and upgrade to Windows Server 2019 and to Azure en
It is time to migrate to Windows Server 2019; everything older than Windows Server 2016 should have been upgraded long ago.
In this session you will learn the easiest way to switch from old to new with built-in tools, scripts and methods, whether it runs in a cloud or in your own environment. In some scenarios it may be more appropriate to migrate to a service in Azure, so you will also learn how to, for example, migrate a local file server to a file server service in Azure. The session is entirely scenario-based, with demos.
Expert-level Windows 10 deployment en
Join us for a rich set of live demos on how to build a Windows 10 deployment solution, based on System Center Configuration Manager. In the session, we take OS deployment with Microsoft Deployment Toolkit and System Center Configuration Manager to its outer limits. Expect a lot of real-world deployment tips and tricks in this session and some hard core debugging.
Building a HCI/S2D solution from Bare Metal to Done using MDT and PowerShell en
In this session you will learn how to build a server deployment solution that can deploy HCI/S2D fully automated. This will not only help build the solution perfectly, it will also provide you with a perfect DR solution.
Windows Admin Center - Deploy, Configure and use with HCI/S2D en
In this session you will learn how to configure Windows Admin Center to manage your HCI/S2D solution. You will learn how to configure it so that it is secure and available and very "shiny". You will also learn how to use the existing PowerShell code inside Windows Admin Center. Note that this session is demo intense, with just a few slides.
How to successfully patch a HCI/S2D cluster en
So, you need to run Windows Update on your HCI cluster. That's easy, just log on and run Windows Update, right?
Wrong, in this session you will learn how to update a HCI/S2D cluster in the correct manner, verifying each and every step on the way.
Fabric Isolation in the Enterprise - The art of surviving en
When Single Sign On was introduced, it was amazing, and it still is. However, SSO is also the No. 1 reason for attackers to seek and destroy everything in a very short time. In this session you will learn how to prevent this.
Building/configuring a modern infrastructure means that controlled isolation is a must. We will never stop the attacker, but we can make it harder and slow down the attack by creating isolation islands; great examples are VMware, Hyper-V, Monitoring, Backup. In this session you will learn how to reconfigure and/or build your environment so that the "One Credential To Rule Them All" issue is minimized.
NIC Cloud Connect 2023 Sessionize Event
Global Azure Stockholm 2023 Sessionize Event
Stockholm TECH Show 2023 Sessionize Event
NIC X Edition Sessionize Event
MVPDays "Azure Stack / Azure Stack HCI" Day Online 2020 Sessionize Event
Microsoft TechDays 2019 Sessionize Event
MVPDays Storage Spaces Direct Online Sessionize Event
Microsoft TechDays 2018 Sessionize Event