Name
H2. Stopping Malware in Its Tracks Using Windows Device Guard and Code Integrity Policies
Track
Incident Response
Date
Thursday, June 6, 2019
Time
3:15 PM - 4:15 PM
Description
Windows Device Guard enables companies to tightly lock-down a Windows device so that only approved applications and programs can be executed. Application controls can be difficult to implement and Code Integrity, as designed to be used, has its limitations. This session will explain the Code Integrity features of Windows Device Guard and show a practical, “real world” method of implementation to not only prevent malware and unauthorized programs from running on a Windows server or endpoint, but also to help provide an "Early Warning System" that you are being targeted by the "bad guys".
Learner Objectives
After completing this session, the learner will:
- Understand the Code Integrity features and limitations in Device Guard
- Learn strategies for implementing Code Integrity policies
- See the steps of a Code Integrity policy implementation
- Learn how Code Integrity policies can help provide an early warning of attempted malware attacks
Speakers
Speaker Bio(s)
Larry Stein is the Director of Security Services for Novacoast, based in Santa Barbara, California. In his 20-plus years at Novacoast, Larry has held positions in Engineering, Management, and Security services. Larry currently manages the Endpoint Management, Vulnerability Management, and Data Loss Prevention practices at Novacoast.
CEUs
1