SCCM is often configured to use privileged accounts and widely-deployed agents to perform the variety of tasks it supports in corporate environments. This makes it a target for attackers seeking to abuse these privileges and features to further their attacks. Given the complex nature of SCCM, configuring it correctly is essential to enterprise security. This talk will present insights stemming from our ongoing research into SCCM.
What to expect:
Technical Director, F-Secure Consulting South Africa
Christopher has extensive experience leading cyber defense, red team, and targeted attack simulation (TAS) engagements. One of his major focus areas is research into attack techniques impacting Active Directory (AD) - including investigating and understanding SCCM and how it interacts with AD.