expert webinar: hacking your windows it environment · expert webinar: hacking your windows it...
TRANSCRIPT
![Page 1: Expert Webinar: Hacking Your Windows IT Environment · Expert Webinar: Hacking Your Windows IT Environment ... Corporate Domain Bastion Domain Trust ... Active Directory](https://reader030.vdocuments.site/reader030/viewer/2022021515/5b1a4af27f8b9a37258d7142/html5/thumbnails/1.jpg)
Expert Webinar: Hacking Your Windows IT Environment
Presenters:
Liam Cleary
Microsoft MVP, Blogger
www.helloitsliam.com
@helloitsliam
Jeff Melnick
Pre-Sales Director, Netwrix
![Page 2: Expert Webinar: Hacking Your Windows IT Environment · Expert Webinar: Hacking Your Windows IT Environment ... Corporate Domain Bastion Domain Trust ... Active Directory](https://reader030.vdocuments.site/reader030/viewer/2022021515/5b1a4af27f8b9a37258d7142/html5/thumbnails/2.jpg)
Type your question
here
Click “Send”
Housekeeping
• All attendees are on mute
• Ask your questions!
• Questions will be answered during the session or at the Q&A at the end
• You will receive a copy of slides and webinar recording in the follow-up email
• Duration: Up to 60 minutes
• We hope you enjoy!
![Page 3: Expert Webinar: Hacking Your Windows IT Environment · Expert Webinar: Hacking Your Windows IT Environment ... Corporate Domain Bastion Domain Trust ... Active Directory](https://reader030.vdocuments.site/reader030/viewer/2022021515/5b1a4af27f8b9a37258d7142/html5/thumbnails/3.jpg)
Win one of three $100 Amazon eGift Card
We will randomly draw 3 people’s names at the end of the Webinar
You must be present at the end of the webinar to be eligible
We will contact all winners after the webinar
Ask your questions and be active! $100
![Page 4: Expert Webinar: Hacking Your Windows IT Environment · Expert Webinar: Hacking Your Windows IT Environment ... Corporate Domain Bastion Domain Trust ... Active Directory](https://reader030.vdocuments.site/reader030/viewer/2022021515/5b1a4af27f8b9a37258d7142/html5/thumbnails/4.jpg)
Protection
Patch management
General protections
Attacks
Understanding attacks
Attack methods
Exploitation process
Agenda
Monitoring
General approaches
Netwrix Auditor
![Page 5: Expert Webinar: Hacking Your Windows IT Environment · Expert Webinar: Hacking Your Windows IT Environment ... Corporate Domain Bastion Domain Trust ... Active Directory](https://reader030.vdocuments.site/reader030/viewer/2022021515/5b1a4af27f8b9a37258d7142/html5/thumbnails/5.jpg)
Understanding Attacks
![Page 6: Expert Webinar: Hacking Your Windows IT Environment · Expert Webinar: Hacking Your Windows IT Environment ... Corporate Domain Bastion Domain Trust ... Active Directory](https://reader030.vdocuments.site/reader030/viewer/2022021515/5b1a4af27f8b9a37258d7142/html5/thumbnails/6.jpg)
ExploitVulnerability Threat
Understanding Attacks
Vulnerabilities are entry points into an application or even hardware that allow usage in a way that it was not intended. Attackers can use the vulnerabilities for gleaning information
about the current security defenses in place. With vulnerabilities, hackers are typically attempting to solve a puzzle about what they can get away with before they attack
![Page 7: Expert Webinar: Hacking Your Windows IT Environment · Expert Webinar: Hacking Your Windows IT Environment ... Corporate Domain Bastion Domain Trust ... Active Directory](https://reader030.vdocuments.site/reader030/viewer/2022021515/5b1a4af27f8b9a37258d7142/html5/thumbnails/7.jpg)
ExploitVulnerability Threat
Understanding Attacks
An exploit is normally some kind of package that understands an known vulnerability and executes arbitrary code or processes. Exploits can take place behind firewalls where they're
harder to spot, and can cause irreparable damage when gone undetected.
![Page 8: Expert Webinar: Hacking Your Windows IT Environment · Expert Webinar: Hacking Your Windows IT Environment ... Corporate Domain Bastion Domain Trust ... Active Directory](https://reader030.vdocuments.site/reader030/viewer/2022021515/5b1a4af27f8b9a37258d7142/html5/thumbnails/8.jpg)
ExploitVulnerability Threat
Understanding Attacks
A threat refers to the hypothetical event wherein a hacker uses a vulnerability. The threat itself will normally have an exploit involved, as well as other processes and tools.
![Page 9: Expert Webinar: Hacking Your Windows IT Environment · Expert Webinar: Hacking Your Windows IT Environment ... Corporate Domain Bastion Domain Trust ... Active Directory](https://reader030.vdocuments.site/reader030/viewer/2022021515/5b1a4af27f8b9a37258d7142/html5/thumbnails/9.jpg)
Post exploitation and reporting
Intelligence gathering Vulnerability analysis Exploitation
Attack Rules of Engagement
![Page 10: Expert Webinar: Hacking Your Windows IT Environment · Expert Webinar: Hacking Your Windows IT Environment ... Corporate Domain Bastion Domain Trust ... Active Directory](https://reader030.vdocuments.site/reader030/viewer/2022021515/5b1a4af27f8b9a37258d7142/html5/thumbnails/10.jpg)
Cross-site Scripting
Man-in-the-middle
Phishing SQL Injection
Session Hijacking Credential Reuse
Types of Attacks
Malware
Denial-of-service
![Page 11: Expert Webinar: Hacking Your Windows IT Environment · Expert Webinar: Hacking Your Windows IT Environment ... Corporate Domain Bastion Domain Trust ... Active Directory](https://reader030.vdocuments.site/reader030/viewer/2022021515/5b1a4af27f8b9a37258d7142/html5/thumbnails/11.jpg)
Authentication test
Database attack
Test manual access Brute force web access
Web service scanning Remote desktop test
Application Specific Attack Methods
![Page 12: Expert Webinar: Hacking Your Windows IT Environment · Expert Webinar: Hacking Your Windows IT Environment ... Corporate Domain Bastion Domain Trust ... Active Directory](https://reader030.vdocuments.site/reader030/viewer/2022021515/5b1a4af27f8b9a37258d7142/html5/thumbnails/12.jpg)
sessions
Users
Client side controls Authentication
Back end components Web applications
Client Side Application Attacks
![Page 13: Expert Webinar: Hacking Your Windows IT Environment · Expert Webinar: Hacking Your Windows IT Environment ... Corporate Domain Bastion Domain Trust ... Active Directory](https://reader030.vdocuments.site/reader030/viewer/2022021515/5b1a4af27f8b9a37258d7142/html5/thumbnails/13.jpg)
The Attack Process
![Page 14: Expert Webinar: Hacking Your Windows IT Environment · Expert Webinar: Hacking Your Windows IT Environment ... Corporate Domain Bastion Domain Trust ... Active Directory](https://reader030.vdocuments.site/reader030/viewer/2022021515/5b1a4af27f8b9a37258d7142/html5/thumbnails/14.jpg)
Scan devices
Active directory attack
Scan firewall Scan IP ranges
Specific application attacks
Database attack
The Attack Process
![Page 15: Expert Webinar: Hacking Your Windows IT Environment · Expert Webinar: Hacking Your Windows IT Environment ... Corporate Domain Bastion Domain Trust ... Active Directory](https://reader030.vdocuments.site/reader030/viewer/2022021515/5b1a4af27f8b9a37258d7142/html5/thumbnails/15.jpg)
Inverse MappingExclude devices and servers, that don’t
respond
Ping SweepsSend ICMP/TCP packets to return “Active” devices
and servers
Port ScansProtocol specific
interrogation of devices and servers
Scanning
![Page 16: Expert Webinar: Hacking Your Windows IT Environment · Expert Webinar: Hacking Your Windows IT Environment ... Corporate Domain Bastion Domain Trust ... Active Directory](https://reader030.vdocuments.site/reader030/viewer/2022021515/5b1a4af27f8b9a37258d7142/html5/thumbnails/16.jpg)
Network Server Scanning
ICMP/TCP
PORTS
![Page 17: Expert Webinar: Hacking Your Windows IT Environment · Expert Webinar: Hacking Your Windows IT Environment ... Corporate Domain Bastion Domain Trust ... Active Directory](https://reader030.vdocuments.site/reader030/viewer/2022021515/5b1a4af27f8b9a37258d7142/html5/thumbnails/17.jpg)
Network Device Scanning
ICMP/TCP
PORTS
![Page 18: Expert Webinar: Hacking Your Windows IT Environment · Expert Webinar: Hacking Your Windows IT Environment ... Corporate Domain Bastion Domain Trust ... Active Directory](https://reader030.vdocuments.site/reader030/viewer/2022021515/5b1a4af27f8b9a37258d7142/html5/thumbnails/18.jpg)
Nmap port scan
PowerSploit
Ping sweeps AngryIP scanner
Metasploit Manual
Network, Port and Service Scanning
![Page 19: Expert Webinar: Hacking Your Windows IT Environment · Expert Webinar: Hacking Your Windows IT Environment ... Corporate Domain Bastion Domain Trust ... Active Directory](https://reader030.vdocuments.site/reader030/viewer/2022021515/5b1a4af27f8b9a37258d7142/html5/thumbnails/19.jpg)
Exploitation Process
![Page 20: Expert Webinar: Hacking Your Windows IT Environment · Expert Webinar: Hacking Your Windows IT Environment ... Corporate Domain Bastion Domain Trust ... Active Directory](https://reader030.vdocuments.site/reader030/viewer/2022021515/5b1a4af27f8b9a37258d7142/html5/thumbnails/20.jpg)
Create Payload
Select Module Framework
Identify Vulnerability Identify Exploit
Generate Code Create Listener
Exploitation Steps
![Page 21: Expert Webinar: Hacking Your Windows IT Environment · Expert Webinar: Hacking Your Windows IT Environment ... Corporate Domain Bastion Domain Trust ... Active Directory](https://reader030.vdocuments.site/reader030/viewer/2022021515/5b1a4af27f8b9a37258d7142/html5/thumbnails/21.jpg)
Remote Shell
Remote Web Backdoor Opened
Remote Access Exploit Save & Executed
Remote Command Execution
Weapon Delivery
Exploitation Steps
![Page 22: Expert Webinar: Hacking Your Windows IT Environment · Expert Webinar: Hacking Your Windows IT Environment ... Corporate Domain Bastion Domain Trust ... Active Directory](https://reader030.vdocuments.site/reader030/viewer/2022021515/5b1a4af27f8b9a37258d7142/html5/thumbnails/22.jpg)
Pivoting
• Access direct to target / no access beyond target
• Utilize target to proxy requests
192.168.153.X/24 192.168.111.X/24
Meterpreter Scan
run get_local_subnet
Return 192.168.111.X/24
Proxy
![Page 23: Expert Webinar: Hacking Your Windows IT Environment · Expert Webinar: Hacking Your Windows IT Environment ... Corporate Domain Bastion Domain Trust ... Active Directory](https://reader030.vdocuments.site/reader030/viewer/2022021515/5b1a4af27f8b9a37258d7142/html5/thumbnails/23.jpg)
Pivoting Commands
# Get local subnets on target
run get_local_subnet
background
# Add route to send subnet traffic over current session
Route add 192.168.153.0 255.255.255.0 1
# Use Meterpreter routing to Pivot Traffic
ifconfig
run arp_scanner -r 192.168.111.0/24
![Page 24: Expert Webinar: Hacking Your Windows IT Environment · Expert Webinar: Hacking Your Windows IT Environment ... Corporate Domain Bastion Domain Trust ... Active Directory](https://reader030.vdocuments.site/reader030/viewer/2022021515/5b1a4af27f8b9a37258d7142/html5/thumbnails/24.jpg)
Port Forwarding
• Forward traffic to target, then forward to none visible targets
• Attacker uses local port
• Target forwards request on chosen port
192.168.153.X/24 192.168.111.X/24
Relay Remote Port 3389Local Port 3389
![Page 25: Expert Webinar: Hacking Your Windows IT Environment · Expert Webinar: Hacking Your Windows IT Environment ... Corporate Domain Bastion Domain Trust ... Active Directory](https://reader030.vdocuments.site/reader030/viewer/2022021515/5b1a4af27f8b9a37258d7142/html5/thumbnails/25.jpg)
Port Forwarding Commands
# Forward Ports between Local Machine and Target
portfwd add -l 3389 -p 3389 -r 192.168.111.130
portfwd list
# Remote Desktop locally
rdesktop 192.168.111.130
![Page 26: Expert Webinar: Hacking Your Windows IT Environment · Expert Webinar: Hacking Your Windows IT Environment ... Corporate Domain Bastion Domain Trust ... Active Directory](https://reader030.vdocuments.site/reader030/viewer/2022021515/5b1a4af27f8b9a37258d7142/html5/thumbnails/26.jpg)
Token Stealing and Impersonation
• Incognito used to retrieve current Tokens
• Impersonate using a retrieved Token
192.168.153.X/24 192.168.111.X/24
Relay
![Page 27: Expert Webinar: Hacking Your Windows IT Environment · Expert Webinar: Hacking Your Windows IT Environment ... Corporate Domain Bastion Domain Trust ... Active Directory](https://reader030.vdocuments.site/reader030/viewer/2022021515/5b1a4af27f8b9a37258d7142/html5/thumbnails/27.jpg)
Pivoting Commands
# Grab the current Process List
ps
# Steal Tokens
steal_token 380
# Use Incognito
load incognito
# List Current Tokens, then elevate account permissions
list_tokens -u
impersonate_token DOMAIN\user
![Page 28: Expert Webinar: Hacking Your Windows IT Environment · Expert Webinar: Hacking Your Windows IT Environment ... Corporate Domain Bastion Domain Trust ... Active Directory](https://reader030.vdocuments.site/reader030/viewer/2022021515/5b1a4af27f8b9a37258d7142/html5/thumbnails/28.jpg)
Protecting the Environment
![Page 29: Expert Webinar: Hacking Your Windows IT Environment · Expert Webinar: Hacking Your Windows IT Environment ... Corporate Domain Bastion Domain Trust ... Active Directory](https://reader030.vdocuments.site/reader030/viewer/2022021515/5b1a4af27f8b9a37258d7142/html5/thumbnails/29.jpg)
Monthly RollupStandard full roll-up for
ALL released patches
Global PatchCritical operating system
updates
Limited Release Patch“From the field” patches,
covers specific issues
Patching your windows environments
![Page 30: Expert Webinar: Hacking Your Windows IT Environment · Expert Webinar: Hacking Your Windows IT Environment ... Corporate Domain Bastion Domain Trust ... Active Directory](https://reader030.vdocuments.site/reader030/viewer/2022021515/5b1a4af27f8b9a37258d7142/html5/thumbnails/30.jpg)
Patching your windows environments
PatchOnly install patches that match current level
If patch resolves current issueIf patch is a security update
Don’t PatchUnless current service pack, don’t deployMultiple hotfixes versus Latest released
serviceInconsistency across servers
![Page 31: Expert Webinar: Hacking Your Windows IT Environment · Expert Webinar: Hacking Your Windows IT Environment ... Corporate Domain Bastion Domain Trust ... Active Directory](https://reader030.vdocuments.site/reader030/viewer/2022021515/5b1a4af27f8b9a37258d7142/html5/thumbnails/31.jpg)
General Server Protection
Inspect ALL Traffic
Access Control Traffic
Monitor
Application Firewall
Perimeter
Firewall
Operating System
Firewall
![Page 32: Expert Webinar: Hacking Your Windows IT Environment · Expert Webinar: Hacking Your Windows IT Environment ... Corporate Domain Bastion Domain Trust ... Active Directory](https://reader030.vdocuments.site/reader030/viewer/2022021515/5b1a4af27f8b9a37258d7142/html5/thumbnails/32.jpg)
General Device Protection
Inspect ALL Traffic
Access Control Traffic
Monitor
Device
Firewall
PerimeterFirewall
Block Ports
![Page 33: Expert Webinar: Hacking Your Windows IT Environment · Expert Webinar: Hacking Your Windows IT Environment ... Corporate Domain Bastion Domain Trust ... Active Directory](https://reader030.vdocuments.site/reader030/viewer/2022021515/5b1a4af27f8b9a37258d7142/html5/thumbnails/33.jpg)
Infrastructure Protection
Inspect ALL Traffic
Access Control Traffic
Monitor
Application Firewall
Perimeter
Firewall
Operating System
Firewall
Server Isolation
Port Control
![Page 34: Expert Webinar: Hacking Your Windows IT Environment · Expert Webinar: Hacking Your Windows IT Environment ... Corporate Domain Bastion Domain Trust ... Active Directory](https://reader030.vdocuments.site/reader030/viewer/2022021515/5b1a4af27f8b9a37258d7142/html5/thumbnails/34.jpg)
Process Whitelisting
Allowed Executables
Allowed
Scripts
Allowed
Paths
Blocked
Executables
Blocked
Scripts
Blocked
Paths
![Page 35: Expert Webinar: Hacking Your Windows IT Environment · Expert Webinar: Hacking Your Windows IT Environment ... Corporate Domain Bastion Domain Trust ... Active Directory](https://reader030.vdocuments.site/reader030/viewer/2022021515/5b1a4af27f8b9a37258d7142/html5/thumbnails/35.jpg)
Escalation Protection
![Page 36: Expert Webinar: Hacking Your Windows IT Environment · Expert Webinar: Hacking Your Windows IT Environment ... Corporate Domain Bastion Domain Trust ... Active Directory](https://reader030.vdocuments.site/reader030/viewer/2022021515/5b1a4af27f8b9a37258d7142/html5/thumbnails/36.jpg)
Additional logging
Isolation/scoping of privileges Step-up and proof-up
Customizable workflow
Privileged Access Management (PAM)
![Page 37: Expert Webinar: Hacking Your Windows IT Environment · Expert Webinar: Hacking Your Windows IT Environment ... Corporate Domain Bastion Domain Trust ... Active Directory](https://reader030.vdocuments.site/reader030/viewer/2022021515/5b1a4af27f8b9a37258d7142/html5/thumbnails/37.jpg)
Privileged Access Management (PAM)
Corporate Domain Bastion Domain
Trust
Shadow Principal SID Mapped between identities
CORP\group BASTION\group
![Page 38: Expert Webinar: Hacking Your Windows IT Environment · Expert Webinar: Hacking Your Windows IT Environment ... Corporate Domain Bastion Domain Trust ... Active Directory](https://reader030.vdocuments.site/reader030/viewer/2022021515/5b1a4af27f8b9a37258d7142/html5/thumbnails/38.jpg)
Approval of AccessRequest Access Permissions Assigned
Time restricted access granted
Privileged Access Management (PAM)
![Page 39: Expert Webinar: Hacking Your Windows IT Environment · Expert Webinar: Hacking Your Windows IT Environment ... Corporate Domain Bastion Domain Trust ... Active Directory](https://reader030.vdocuments.site/reader030/viewer/2022021515/5b1a4af27f8b9a37258d7142/html5/thumbnails/39.jpg)
Privileged Access Workstations (PAW)
Privileged Access Workstations (PAWs) provide a dedicated operating system for sensitive tasks that is protected from Internet attacks and threat vectors. Separating these sensitive tasks and accounts from the daily use workstations and devices provides very strong protection from phishing attacks, application and OS vulnerabilities, various impersonation attacks, and credential theft attacks such as keystroke logging, Pass-the-Hash, and Pass-The-Ticket.
Tier 0 Tier 1 Tier 2
![Page 40: Expert Webinar: Hacking Your Windows IT Environment · Expert Webinar: Hacking Your Windows IT Environment ... Corporate Domain Bastion Domain Trust ... Active Directory](https://reader030.vdocuments.site/reader030/viewer/2022021515/5b1a4af27f8b9a37258d7142/html5/thumbnails/40.jpg)
Privileged Access Workstations (PAW)
Admin Workstation
Admin Workstation
Admin Workstation Active Directory
Servers
Workstations
Tier 0
Tier 1
Tier 2
Forest / Domain Admins
Server Admins
Workstation Admins
Same Tier Login
Higher Tier Login
Lower Tier Login
![Page 41: Expert Webinar: Hacking Your Windows IT Environment · Expert Webinar: Hacking Your Windows IT Environment ... Corporate Domain Bastion Domain Trust ... Active Directory](https://reader030.vdocuments.site/reader030/viewer/2022021515/5b1a4af27f8b9a37258d7142/html5/thumbnails/41.jpg)
Monitoring
![Page 42: Expert Webinar: Hacking Your Windows IT Environment · Expert Webinar: Hacking Your Windows IT Environment ... Corporate Domain Bastion Domain Trust ... Active Directory](https://reader030.vdocuments.site/reader030/viewer/2022021515/5b1a4af27f8b9a37258d7142/html5/thumbnails/42.jpg)
Audit LoggingSecurity Event Logging Firewall Logs
Monitoring approaches
![Page 43: Expert Webinar: Hacking Your Windows IT Environment · Expert Webinar: Hacking Your Windows IT Environment ... Corporate Domain Bastion Domain Trust ... Active Directory](https://reader030.vdocuments.site/reader030/viewer/2022021515/5b1a4af27f8b9a37258d7142/html5/thumbnails/43.jpg)
Non-active accounts
External accounts
High-value accounts
Anomalies or malicious
actions
Account whitelist
Different account types
Monitoring categories
Restricted use accounts/devices
Account naming conventions
![Page 44: Expert Webinar: Hacking Your Windows IT Environment · Expert Webinar: Hacking Your Windows IT Environment ... Corporate Domain Bastion Domain Trust ... Active Directory](https://reader030.vdocuments.site/reader030/viewer/2022021515/5b1a4af27f8b9a37258d7142/html5/thumbnails/44.jpg)
Alerts example
# Filter the Security Event log for specific event
Get-WinEvent -FilterHashtable @{LogName=”Security”;ID=4720} | Select TimeCreated,@{n=”Account Creator”;e={([xml]$_.ToXml()).Event.EventData.Data | ? {$_.Name -eq “SubjectUserName”} |%{$_.’#text’}}},@{n=”User Account”;e={([xml]$_.ToXml()).Event.EventData.Data | ? {$_.Name –eq “SamAccountName”}| %{$_.’#text’}}}
# Send event details as email
$Subject = “User account created”
$Server = “your.smtp.server”
$From = “[email protected]
$To = “[email protected]”
$Pwd = ConvertTo-SecureString “password” -AsPlainText -Force #Sender account password $Cred = New-Object System.Management.Automation.PSCredential(“accountname” , $Pwd)
$encoding = [System.Text.Encoding]::UTF8 #Setting encoding to UTF8 for message correct display
$Body=Get-WinEvent -FilterHashtable @{LogName=”Security”;ID=4720} | Select TimeCreated,@{n=”Account creator”;e={([xml]$_.ToXml()).Event.EventData.Data | ? {$_.Name -eq “SubjectUserName”} |%{$_.’#text’}}},@{n=”User Account”;e={([xml]$_.ToXml()).Event.EventData.Data | ? {$_.Name -eq “SamAccountName”}| %{$_.’#text’}}} | select-object -first 1
Send-MailMessage -From $From -To $To -SmtpServer $Server -Body “$Body” -Subject $Subject -Credential $Cred -Encoding $encoding
![Page 45: Expert Webinar: Hacking Your Windows IT Environment · Expert Webinar: Hacking Your Windows IT Environment ... Corporate Domain Bastion Domain Trust ... Active Directory](https://reader030.vdocuments.site/reader030/viewer/2022021515/5b1a4af27f8b9a37258d7142/html5/thumbnails/45.jpg)
Netwrix Auditor - Demonstration
![Page 46: Expert Webinar: Hacking Your Windows IT Environment · Expert Webinar: Hacking Your Windows IT Environment ... Corporate Domain Bastion Domain Trust ... Active Directory](https://reader030.vdocuments.site/reader030/viewer/2022021515/5b1a4af27f8b9a37258d7142/html5/thumbnails/46.jpg)
Demonstration
Netwrix Auditor
![Page 47: Expert Webinar: Hacking Your Windows IT Environment · Expert Webinar: Hacking Your Windows IT Environment ... Corporate Domain Bastion Domain Trust ... Active Directory](https://reader030.vdocuments.site/reader030/viewer/2022021515/5b1a4af27f8b9a37258d7142/html5/thumbnails/47.jpg)
Netwrix Auditor Applications
Netwrix Auditor for Active Directory
Netwrix Auditor for Windows File Servers
Netwrix Auditor for Oracle Database
Netwrix Auditor for Azure AD
Netwrix Auditor for EMC
Netwrix Auditor for SQL Server
Netwrix Auditor for Exchange
Netwrix Auditor for NetApp
Netwrix Auditor for Windows Server
Netwrix Auditor for Office 365
Netwrix Auditor for SharePoint
Netwrix Auditor for VMware
![Page 48: Expert Webinar: Hacking Your Windows IT Environment · Expert Webinar: Hacking Your Windows IT Environment ... Corporate Domain Bastion Domain Trust ... Active Directory](https://reader030.vdocuments.site/reader030/viewer/2022021515/5b1a4af27f8b9a37258d7142/html5/thumbnails/48.jpg)
GA
Financial
Healthcare & Pharmaceutical
Federal, State, Local, Government
Industrial/Technology/Other
Netwrix Customers
![Page 49: Expert Webinar: Hacking Your Windows IT Environment · Expert Webinar: Hacking Your Windows IT Environment ... Corporate Domain Bastion Domain Trust ... Active Directory](https://reader030.vdocuments.site/reader030/viewer/2022021515/5b1a4af27f8b9a37258d7142/html5/thumbnails/49.jpg)
All awards: www.netwrix.com/awards
Industry Awards and Recognition
![Page 50: Expert Webinar: Hacking Your Windows IT Environment · Expert Webinar: Hacking Your Windows IT Environment ... Corporate Domain Bastion Domain Trust ... Active Directory](https://reader030.vdocuments.site/reader030/viewer/2022021515/5b1a4af27f8b9a37258d7142/html5/thumbnails/50.jpg)
Next Steps
Free Trial: setup in your own test environment:
On-premises: netwrix.com/freetrial
Virtual: netwrix.com/go/appliance
Cloud: netwrix.com/go/cloud
Test Drive: run a virtual POС in a Netwrix-hosted test lab netwrix.com/testdrive
Webinars: join our upcoming webinars and watch the recorded sessions netwrix.com/webinars
Come see us at MS Ignite!
September 25th-29th, Booth #1825
![Page 51: Expert Webinar: Hacking Your Windows IT Environment · Expert Webinar: Hacking Your Windows IT Environment ... Corporate Domain Bastion Domain Trust ... Active Directory](https://reader030.vdocuments.site/reader030/viewer/2022021515/5b1a4af27f8b9a37258d7142/html5/thumbnails/51.jpg)
Thank you
Contact us:
Liam Cleary
Microsoft MVP, Blogger
www.helloitsliam.com
@helloitsliam
Jeff Melnick
Pre-Sales Director, Netwrix