Register Now for Online Training and get a GIAC Cert Attempt Included or $350 Off

Baltimore Spring 2018

Baltimore, MD | Mon, Apr 23 - Sat, Apr 28, 2018
This event is over,
but there are more training opportunities.

How Effective are Tools in Detecting the "Maleficent Seven" Privileges for the Windows Environment?

  • Tobias Mccurry- Master's Degree Candidate
  • Thursday, April 26th, 8:15pm - 8:55pm

This presentation focuses on how Windows privileges add to the complexity of Windows user permissions. The presentation will briefly review how Windows handles permissions and privileges. The presentation will rehash the Maleficent Seven. The presentation will then show how each tool such as Security Explorer, Permissions Analyzer for Active Directory, or Gold Finger help with respect to the privileges. The presentation will also demonstrate the results of this research and how it discovered a gap in identifying users with privileges with the current tools available. Finally, the presentation will show how this gap was filled by the author by using powershell.

Speaker Bio: Tobias is the Director of Penetration Testing Service at SecureIT. He has over 15 years of experience in different areas of IT and currently leads the penetration testing team at SecureIT. Tobias has a specialization in identifying vulnerabilities that have been previously missed by other teams. He has worked with client teams to evaluate critical vulnerabilities and how to mitigate them. The expertise of Tobias has helped numerous teams lower risk while ensuring that the widest coverage of testing was accomplished. Tobias has publications in SANS Reading Room, Hacker Academy, and Infosec Institute. Finally, he holds a Bachelor in Computer Science and is pursuing Master of Science in Information Security Engineering with SANS, while maintaining multiple certifications. The SANS Technology Institute is the only graduate program that combines SANS technical training, recognized as the industry's best, with leadership and management curriculum specifically developed for the unique needs of aspiring leaders. Learn more at www.sans.edu.


Bonus Sessions

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:

  • SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
  • Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
  • Lunch & Learn: Short presentations given during the lunch break.
  • Master's Degree Presentation: Presentations given by SANS Technology Institute's Master's Degree candidates.
Monday, April 23
Session Speaker Time Type
General Session - Welcome to SANS Alissa Torres Monday, April 23rd, 8:00am - 8:30am Special Events
492063616E207374696C6C2073656520796F7521 Jonathan Ham Monday, April 23rd, 7:15pm - 9:15pm Keynote
Wednesday, April 25
Session Speaker Time Type
Evolving Enterprise Defenses Grant Moerschel, Senior Director for Solutions Engineering Wednesday, April 25th, 12:30pm - 1:15pm Lunch and Learn
Cyber Risks to Critical Infrastructure Systems Mark Bristow Wednesday, April 25th, 7:15pm - 8:15pm SANS@Night
Cyber Defense Challenges from the Small and Medium Sized Business Perspective Aric Asti- Master's Degree Candidate Wednesday, April 25th, 8:15pm - 8:55pm Master's Degree Presentation
Thursday, April 26
Session Speaker Time Type
Learning From The Adversary: Automated Malware Analysis For The Win Dean Parsons Thursday, April 26th, 7:15pm - 8:15pm SANS@Night
Building the Airplane in Mid-Flight: Bringing Cyber-Security Structure to Special Operations Units Adam Baker- Master's Degree Candidate Thursday, April 26th, 7:15pm - 7:55pm Master's Degree Presentation
How Effective are Tools in Detecting the "Maleficent Seven" Privileges for the Windows Environment? Tobias Mccurry- Master's Degree Candidate Thursday, April 26th, 8:15pm - 8:55pm Master's Degree Presentation
Friday, April 27
Session Speaker Time Type
PCAP Next Generation: Is your Sniffer Up to Snuff? Scott Fether- Master's Degree Candidate Friday, April 27th, 7:15pm - 7:55pm Master's Degree Presentation
Discovering and Acquiring Virtualized Servers on vSphere and ESXi Scott Perry- Master's Degree Candidate Friday, April 27th, 8:15pm - 8:55pm Master's Degree Presentation