Cybersecurity Reference Architecture & Strategies: How to Plan for and Implement a Cybersecurity Strategy

Play Cybersecurity Reference Architecture & Strategies: How to Plan for and Implement a Cybersecurity Strategy

The Discussion

  • User profile image
    Larry_B

    Hello guys,

    I'm taking care of the security of computers on my environment. I have been implementing for many years the latest MS security/mitigation technologies...

    We are running Win 10 enterprise with updated UEFI bios, secure boot, device guard, credential guard, virtualized based security....

    BUT

    for me, all of these investments in securing computers are pointless and this is discouraging, for me security is still an illusion. The whole security of Windows 10 and the efforts done by MS can be easily bypassed by hackers thanks to spychips directly implemented into motherboards:

    - Computrace (Absolute): it's a feature we can choose to enable and to subscribe to. But this feature is acting like a rootkit see https://securelist.com/absolute-computrace-revisited/58278. Windows mitigation technologies is to avoid this kind of driver injection that open doors in the system, how do you explain MS is allowing this kind of intrusion into their OS that MS doesn't control ?

    -Intel Management Engine (ME): It's dangerous, not documented and vulnerable, see new vuln: https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr

    Most companies don't use the remote control features provided by Intel ME (and most don't perform BIOS upgrade regurlarly), most IT guys don't even know what is this. It's a big concern that must be addressed, why MS don't react? I would expect MS to push Intel to disable by default the remote control features of ME/AMT because it's a big security hole leaving millions computers vulnerable. 

     

     

     

     

     

     

     

     

     

     

  • User profile image
    Paul Hoffman

    Very good presentation! No way that everything can now live behind a firewall. PaaS a total different mind set. Very hard to move the "aircraft carrier" of mindsets. This helps. Thank you

Conversation locked

This conversation has been locked by the site admins. No new comments can be made.