Paula Januszkiewicz is an IT Security Auditor and Penetration Tester, Enterprise Security MVP and trainer (MCT), and Microsoft Security Trusted Advisor. She is also a top speaker at many well-known conferences including TechEd North America, TechEd Europe, TechEd Middle East, RSA, TechDays, CyberCrime, etc., and is often rated as the number-one speaker. Paula is engaged as a keynote speaker for security-related events and she writes articles on Windows Security. She runs her own company, CQURE, working on security-related issues and projects. Paula has conducted hundreds of IT security audits and penetration tests, including those for governmental organizations. Her distinct specialization is Microsoft security solutions, in which she holds multiple Microsoft certifications, besides being familiar with and holding certifications in other related technologies. Paula is passionate about sharing her knowledge with others. In private, she enjoys researching new technologies, which she converts into authored trainings. She wrote a book about Threat Management Gateway 2010, and is working on her next book. She has access to the Windows source code! Every year she makes over 200 flights (2013 - 248) to gain more and more experience, provides penetration tests and consults customers on how to secure their infrastructures.
CSI: Windows – Techniques for Finding the Cause of the Unexpected System Takeovers
- Level 400
- Date: Wednesday, 20 May 2015, 11:00
Ok, so this is what has happened: an attacker got into your infrastructure, used a server’s misconfiguration, created themselves an account and… Exactly! And what? Or maybe let's stay on the ground: you would like to know where to gather information about activities in an operating system. In both cases this session is for you! This is the moment when we wonder what else could have happened beyond what we see, and whether it is possible to trace back a hacker’s activities in our systems. Yes, it is! By performing several analyses we are able to get enough evidence of the malicious actions performed. This type of monitoring can also be useful when performing a regular investigation of what happened in the system, not only from the attacker’s perspective. Come and see what it means to be hacked and that nothing can be completely hidden! During this session you will become familiar with how to trace system-related situations and how to establish informative monitoring that can alert you if something goes wrong in your environment.