Improhound Workshop + Talk

After almost two years we are excited to announce our first physical/hybrid event! For this evening we plan to have a workshop and a talk, and plenty of time for socializing/networking. Please reserve your seats as the space is limited and only RSVP if you are physically showing up, so we know how much pizza we should buy :)
The virtual streaming will be anyways accessible to YouTube without the need to RSVP.

17:00 - 17:10: Intro
17:10 - 17:50: Talk: "Did you just assume your product is secure?" by Dmitry
17:50 - 18:10: Talk: "Protect your Domain Admins with tiering" by Jonas
18:10 - 18:30: Pizza and drinks will be served at ITU/ScrollBar
18:30 - 20:30: ImproHound workshop, bring your own device with VMWare to try the tool as described down below.

1. Talk: Did you just assume your product is secure?
   People tend to assume things. I know I do. It's perfectly normal, it's how our brains evolved to work. Join me in exploring the role of assumptions in our everyday life and how that impacts the security of products we build. Or did I just assume that they do?.. Hmm.

Dmitry started as a software engineer building a promising AAA title at an unknown game studio, and continued to be a firmware QA automation engineer and then a firmware developer. Despite that, he spent a lot of free time doing reverse engineering. All that equipped him well with knowledge and skills to start his infosec career almost 10 years ago. Now a senior consultant with the product security team at F-Secure Consulting, he provides advice on security topics to tier-1 automotive, aerospace, maritime, and industrial customers worldwide.

2. ImproHound Workshop: Protect your Domain Admins with tiering
   It is not viable for system administrators and defenders in a large Active Directory (AD) environment to ensure all AD objects have only the exact permissions they need. It is too big of a task, why many organizations are vulnerable to AD attacks due to too loose or wrong permissions. At the same time, credential theft may lead to privileges AD users having their password stolen when they login to compromised computers. These vulnerabilities are chainable, why you in many AD environments can escalate your rights to Domain Admin no matter what computer or user you have.

Microsoft realised this issue, and recommended organizations to implement the AD tier model: Split the AD into three tiers and focus on preventing attack paths leading from one tier to a more business critical tier. The concept is great, but it turns out to be rather difficult to implement the tiering concept in AD, why most organizations fail it and end up leaving security gaps..

After this workshop, you will be able to help those organizations! And probably p0wn them..
The workshop is part talk and part workshop and you will need to bring a computer with VMware (Player will do) to try out ImproHound. Experience with Active Directory is an advantage, but not a requirement.

Jonas Bülow Knudsen is an Active Directory (AD) security advisor. Jonas has spent the past two years helping organizations implement technical countermeasures and remediate vulnerabilities in and around AD, including implementation of the AD tier model. Working closely together with penetration testers and having a strong interest in offensive security enables Jonas to focus on security measures that matter and not just best practice.