In this session, Ned Pyle discuss how widely the SMB protocol is used on Windows, Windows Server and in Microsoft Azure. Learn specific strategies to secure it from lateral movement and interception attacks. ✔ Resources: IT Ops Talks Hybrid Event: https://aka.ms/ITOpsTalksIT Ops Talks Community Chat: https://aka.ms/OPS104-chatAbout SMB over QUIC: https://aka.ms/SMBoverQUIC-Mar20BlogSMB Interception Defense: https://aka.ms/smbinterceptiondefenseBeyond the Edge: How to Secure SMB Traffic in Windows: https://aka.ms/smbtrafficcontrolTo watch more sessions from the IT Ops Talks: All Things Hybrid event check out our playlist: https://www.youtube.com/playlist?list...Chapters:00:00 Introduction02:32 SMB is everywhere06:00 Distributed system defense is hard, not impossible07:51 Interception defense09:22 Paths to securing SMB13:40 PATCH14:30 No SMB119:03 No Guest Auth21:03 No WebDAV23:30 SMB over QUIC coming!24:26 Limit outbound SMB25:58 UNC Hardening 34:10 SMB 3.1.141:00 Encryption44:46 No NTLM, Harden Kerberos57:27 Movement defense 59:58 Block inbound edge1:03:30 Inventory SMB1:11:00 Firewall block and allow 1:16:39 Disable SMB Server1:23:00 Final thoughts
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.