Securing LSASS – Controls to Minimise Attack Surface

LSASS is one of the most important pieces of an OS such as Windows 11, and one that threat actors are very tempted to get their hands on. LSASS, the Local Security Authority Subsystem Service, is the process responsible for handling authentication, logon and security policies on Windows. Often, organizations don't …

Inspecting Microsoft Defender Attack Surface Reduction Rules

What I will be covering in this article 👇🏽: Not a How, but more of a Why; Proactive Prevention Vs. Reactive Detection; The Ever-Expanding Attack Surface; Why Does Attack Surface Management Matter? - Painting the Picture With An Example; A Good Rollout Roadmap; Policy Exceptions - Experience From the Field; Planning the Deployment; Let's Categorize the Rules; Understanding the ASR Rule Modes; If You …