iPad Air 2, Samsung Galaxy Tab A, or $350 Off with SANS Online Training Right Now!

Scottsdale 2015

Scottsdale, AZ | Mon, Feb 16 - Sat, Feb 21, 2015
This event is over,
but there are more training opportunities.

Privileged Domain Account Protection: How to Limit Credentials Exposure

  • Mike Pilkington
  • Tuesday, February 17th, 7:15pm - 8:15pm

In most enterprise networks, there are a number of privileged accounts that are used for maintaining the Windows domain, including accounts for domain administration, configuration management, patch management, vulnerability analysis, and incident response. In all of these cases, the accounts have the ability to logon to most, if not all, Windows hosts in the environment. These accounts therefore become high-value targets for attackers.

In order to protect these privileged domain accounts, it is important to have a solid understanding of the various circumstances that can expose domain account credentials. In this presentation, I will discuss what you can and cannot do safely with domain accounts. In particular, I will cover attacks against password hashes, security support providers, access tokens, and network authentication protocols. I will then provide a set of recommendations that you can follow to mitigate the risks and protect these privileged domain account credentials in your environment.


Bonus Sessions

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:

  • SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
  • Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
  • Master's Degree Presentation: Presentations given by SANS Technology Institute's Master's Degree candidates.
Monday, February 16
Session Speaker Time Type
General Session - Welcome to SANS Dr. Eric Cole Monday, February 16th, 8:15am - 8:45am Special Events
APT: It is Time to Act Dr. Eric Cole Monday, February 16th, 7:15pm - 9:15pm Keynote
Tuesday, February 17
Session Speaker Time Type
Privileged Domain Account Protection: How to Limit Credentials Exposure Mike Pilkington Tuesday, February 17th, 7:15pm - 8:15pm SANS@Night
Information Security Risk Management - No Exceptions! Mark Williams Tuesday, February 17th, 8:15pm - 9:15pm SANS@Night
Wednesday, February 18
Session Speaker Time Type
The 13 Absolute Truths of Security Keith Palmgren Wednesday, February 18th, 7:15pm - 8:15pm SANS@Night
Continuous Monitoring - A Practical Example Randy Marchany Wednesday, February 18th, 8:15pm - 9:15pm SANS@Night
Thursday, February 19
Session Speaker Time Type
How to Give the Best Pen Test of Your Life Ed Skoudis Thursday, February 19th, 7:15pm - 8:15pm SANS@Night
Continuous Monitoring and Real-World Analysis Seth Misenar Thursday, February 19th, 8:15pm - 9:15pm SANS@Night
BYOB - Build Your Own Botnet Francois Begin - Master's Candidate Thursday, February 19th, 8:15pm - 8:55pm Master's Degree Presentation
Friday, February 20
Session Speaker Time Type
Debunking the Complex Password Myth Keith Palmgren Friday, February 20th, 7:15pm - 8:15pm SANS@Night