AppLocker
Come and learn with Sami Laiho how to effectively and securely deploy AppLocker in your environment!
Training duration: 8 academic hours, all of which are theoretical and practical work (1 day).
Target audience: This course is meant for IT/Security professionals that wish to deploy Applocker or other Application Allowlisting solution, or project managers that wish to understand how a project like this is effectively run and how long implementation will realistically take.
Prerequisites: Basic knowledge of Windows administration, Active Directory/Entra ID and network infrastructure.
Contents of this training
Since 2021 the most used initial attack vector by RansomWare changed from Phishing to Unpatched Vulnerabilities – the way to limit the enormous amount of patching is to limit and control the binaries you allow. In Windows this means you need to implement AppLocker, which now is available for PRO-versions as well! Join this training where one of the leading experts in Windows OS and Security, Sami Laiho, shows you how to effectively and securely deploy AppLocker in your environment.
Sami Laiho has deployed AppLocker for tens and tens of companies ranging from one-man to 500000+ seat companies. You will learn how to run the project, how to manage AppLocker and how to keep it secure. You will also receive prebuilt, pre-hardened, configurations that you can use at your own company. Even if you don’t want to use AppLocker, but a 3rd party solution, or if you want to deploy the new Windows Defender Application Control, you can apply this knowledge.
The training is conducted in collaboration with Adminize.com
Sami Laiho – instructor and industry expert.
Sami has been working with and teaching OS troubleshooting, management, and security since 1995. He has been auditing and implementing security solutions, specializing in Principle of Least Privilege, Application Control and Privileged Access Workstations, since 2002 and has deployed solutions for companies with between 1-550000 endpoints.
Since 2019 Sami has been chosen by TiVi-magazine as one of the top 100 influencers in IT in Finland. He is in the TOP10 most followed people in his field in Finland. At Ignite 2018, Sami’s “Behind the Scenes: How to build a conference winning session” and “Sami Laiho: 45 Life Hacks of Windows OS in 45 minutes” sessions were ranked as #1 and #2 out of 1708 sessions! This was the first time in the history of the conference that anyone has been able to do this.
Before that, at Ignite 2017, the world’s biggest Microsoft event, Sami was evaluated as the Best External Speaker! Also, Sami’s sessions were evaluated as the Best session in TechEd North America, Europe and Australia in 2014, and Nordic Infrastructure Conference in 2016, 2017, 2019, 2020, 2022, 2023 and 2024.
Specific course content
Module 1: Allow-listing (aka Whitelisting) in General
- Different allow-listing (aka whitelisting) options in Windows
- Allow-listing (aka Whitelisting) vs Deny-listing (aka BlackListing)
- AppLocker basics
- Windows Defender Application Control?
Module 2: Implementing AppLocker
- How to run an AppLocker project
- Logging what apps a company has
Module 3: Managing AppLocker
- Using GUI and PowerShell to add trusted apps
- Using correct rule types
- Getting from thousands of rules to just tens
- Keeping AppLocker safe – fighting against LOLBins
Module 4: Troubleshooting AppLocker
- Bypassing AppLocker
- What fails with an enterprise implementation of allow-listing (aka whitelisting)
Training objective
The objective of this training course is to equip participants with the skills to effectively and securely deploy AppLocker in their environment. Participants will learn how to run the project, how to manage AppLocker and how to keep it secure. They will also receive prebuilt, pre-hardened, configurations that they can use at their own company.
Intended outcome
Learning objectives:
Upon the successful completion of this training course, you will be able to:
- effectively and securely deploy AppLocker in your environment.
The price includes:
- the training center provides a prepared workstation with the necessary hardware and software in the classroom. For participants attending the training in the online environment, remote access to the required software is provided if needed;
- the training is delivered by an instructor who holds at least level 5 of an adult educator qualification and has relevant work experience in the respective field;
We also offer:
- hot beverages with cookies;
- lunch on each training day;
- free parking (please register your parking with our office manager upon arrival for the training on each training day).
Continuing Education Curriculum Group: Database and Network Design and Management (0612 ISCED)
Trainer
-
Sami LaihoTrainer and one of the World’s leading professionals in the Windows OS and Security
Sami Laiho is one of the world’s leading professionals in the Windows OS and Security. Sami has been working with and teaching OS troubleshooting, management, and security since 1995.
Sami has been auditing and implementing security solutions, specializing in Principle of Least Privilege, Application Control and Privileged Access Workstations, since 2002. Sami has deployed solutions for companies with between 1-550000 endpoints.
Since 2019 Sami has been chosen by TiVi-magazine as one of the top 100 influencers in IT in Finland. He is in the TOP10 most followed people in his field in Finland.
At Ignite 2018, Sami’s “Behind the Scenes: How to build a conference winning session” and “Sami Laiho: 45 Life Hacks of Windows OS in 45 minutes” sessions were ranked as #1 and #2 out of 1708 sessions!! This was the first time in the history of the conference that anyone has been able to do this.
Before that, at Ignite 2017, the world’s biggest Microsoft event, Sami was evaluated as the Best External Speaker! Also, Sami’s sessions were evaluated as the Best session in TechEd North America, Europe and Australia in 2014, and Nordic Infrastructure Conference in 2016, 2017, 2019, 2020, 2022, 2023 and 2024.