Endpoints
Olakanmi Oluwole
October 21, 2025
Transcript
Endpoint & Device Security: From Antivirus to Mobile Protection
Antivirus/EDR, Patch Management, Configuration Hardening, and Mobile Security

Lesson Outcomes
• Understand how Antivirus and EDR protect endpoints
• Recognize the importance of patch management & secure configurations
• Apply mobile security best practices in corporate environments
• Gain hands-on practice with key security tools

What is Endpoint Protection?
• Endpoints = laptops, desktops, servers, mobile devices
• Threats: Malware, ransomware, trojans, spyware
• Solutions: Antivirus (AV), Anti-malware, EDR

Antivirus vs EDR
• Antivirus: Signature-based detection, quarantines known malware (Example: ClamAV)
• EDR: Real-time monitoring, detects unknown/fileless attacks, forensic data & auto-response

Hands-on Demo: ClamAV
• Install: sudo apt install clamav
• Update signatures: freshclam
• Scan directory: clamscan -r --bell -i /home/user/
• Detects EICAR test file

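The slide gives the three commands but not what to do with the result. The script below is an added example (not from the deck or the ClamAV project): it wraps the recursive scan so the exit code becomes a readable verdict, and it parses the summary block clamscan prints. It assumes only the tools named on the slide (freshclam, clamscan) and clamscan's documented exit codes (0 clean, 1 infected, 2 error); the sample log used to exercise the parsers is constructed, with made-up counts, in clamscan's output format.

```shell
#!/bin/sh
# Added example, not the slide deck's own code. Assumes ClamAV's clamscan
# exit codes (0 = clean, 1 = infected, 2 = error). Sample log is constructed.

# Scan $1 recursively, print only infected files (-i), save the log to $2,
# and turn clamscan's exit code into a one-line verdict.
scan_dir() {
  clamscan -r -i "$1" > "$2" 2>&1
  rc=$?
  case $rc in
    0) echo "CLEAN: $1" ;;
    1) echo "INFECTED: $1 (details in $2)" ;;
    *) echo "ERROR $rc: $1 (signatures missing? run freshclam first)" ;;
  esac
  return $rc
}

# Count taken from the "Infected files: N" summary line; -1 if absent.
infected_count() {
  awk -F': *' '/^Infected files:/ { n = $2; found = 1 }
               END { print (found ? n : -1) }' "$1"
}

# Paths flagged as "<path>: <Signature> FOUND".
found_paths() {
  sed -n 's/^\(.*\): .* FOUND$/\1/p' "$1"
}

# Constructed log in clamscan's output format, so the parsers can be tried
# without a scanner installed (the EICAR test file from the slide is the
# harmless way to get a real hit).
write_sample_log() {
  cat > "$1" <<'EOF'
/home/user/Downloads/eicar.com: Win.Test.EICAR_HDB-1 FOUND

----------- SCAN SUMMARY -----------
Known viruses: 8700000
Scanned directories: 12
Scanned files: 340
Infected files: 1
Data scanned: 4.20 MB
EOF
}

# Usage: sh scan.sh /path/to/dir   (does nothing when clamscan is absent)
if [ $# -ge 1 ] && command -v clamscan >/dev/null 2>&1; then
  log="${TMPDIR:-/tmp}/clamscan.$$.log"
  scan_dir "$1" "$log"
  echo "infected files: $(infected_count "$log")"
  found_paths "$log"
fi
```

Branching on the exit code rather than grepping for the word FOUND is what makes the wrapper safe to put in a cron job or a CI step: a missing signature database returns 2, which is reported as an error instead of being mistaken for a clean result.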
Practical Tools for Endpoint Analysis
• file <filename>: Identify file type
• strings <filename>: Extract readable strings
• Detect suspicious API calls, IPs, domains

Activity: Using strings & file
• file suspicious.exe
• strings suspicious.exe | less
• Look for domains, DLL imports, embedded passwords

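Paging through `strings | less` works for one file, but the activity's real lesson is knowing which strings to pull out first. The helper below is an added example (not from the deck): it reproduces what `strings` does with plain `tr`, then tags the lines a defender triages first, namely DLL imports, URLs and IPv4 literals. It assumes only POSIX `tr`, `grep`, `sort` and `sed`; the "binary" it runs on is constructed inline with `printf`, and the domain and address in it are reserved documentation values, not real indicators.

```shell
#!/bin/sh
# Added example, not the slide deck's own code. Pure POSIX tools; the sample
# file and every indicator in it are constructed for the demonstration.

# Emulate `strings -n 4`: keep runs of four or more printable ASCII bytes.
# LC_ALL=C makes tr treat the input as bytes, as strings does.
extract_strings() {
  LC_ALL=C tr -c '[:print:]' '\n' < "$1" | grep -E '.{4,}'
}

# Tag the strings worth a second look, one indicator per output line.
triage_indicators() {
  extract_strings "$1" | sort -u | while IFS= read -r s; do
    case $s in
      *.dll|*.DLL)        printf 'DLL    %s\n' "$s" ;;   # imported library
      http://*|https://*) printf 'URL    %s\n' "$s" ;;   # hard-coded endpoint
    esac
    # IPv4 literals embedded anywhere in the string
    printf '%s\n' "$s" | grep -Eo '([0-9]{1,3}\.){3}[0-9]{1,3}' | sed 's/^/IPV4   /'
  done
}

# Constructed sample: an MZ-like header, binary noise, and a few strings of
# the kinds the slide tells you to look for (example.invalid and 203.0.113.0/24
# are reserved for documentation).
make_sample() {
  printf 'MZ\220\000\003\000\000\000kernel32.dll\000\001\002GetProcAddress\000http://updates.example.invalid/check\000\377\376203.0.113.45\000ab\000' > "$1"
}

# Usage: sh triage.sh suspicious.exe
if [ $# -ge 1 ]; then
  file "$1" 2>/dev/null
  triage_indicators "$1"
fi
```

The `file` call stays in, as on the slide, because a `.exe` that `file` reports as a script or archive is itself a finding. Short strings (under four characters) and binary runs are dropped, so the two-character "MZ" and the padding bytes never reach the tagging stage.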
Why Patch Management Matters
• 60–70% of breaches = unpatched vulnerabilities
• Example: WannaCry (2017) exploited Windows SMB
• Patching closes known attack doors

Configuration Hardening
• Default settings are insecure
• Disable unused services, enforce least privilege
• Strong authentication policies, file integrity monitoring

Hands-on Demo: enum4linux
• Command: enum4linux -a 192.168.1.10
• Outputs: SMB shares, user accounts, password policies, misconfigurations

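The hardening slide says defaults are insecure and the enum4linux slide shows what an anonymous SMB query reveals; the checker below connects the two from the defender's side. It is an added example (not from the deck or the Samba project) that reads a Samba smb.conf and flags the [global] settings that allow guest access, anonymous enumeration, SMB1, or unsigned sessions, printing the hardened value for each. It assumes Samba's documented option names and defaults (map to guest, restrict anonymous, server min protocol, server signing); both configuration files it tests against are constructed.

```shell
#!/bin/sh
# Added example, not the slide deck's own code. Option names and defaults
# are Samba's documented ones; the two smb.conf files below are constructed.

# Print option $2 from the [global] section of smb.conf $1, or the default
# given as $3 when it is unset. Keys are matched case- and space-insensitively;
# the last definition wins, as in Samba.
smb_opt() {
  val=$(awk -v key="$2" '
    /^[ \t]*[#;]/ { next }                       # comment line
    /^[ \t]*\[/   { s = tolower($0); gsub(/[ \t]/, "", s)
                    insec = (s == "[global]"); next }
    insec && index($0, "=") {
      k = tolower($0); sub(/[ \t]*=.*/, "", k)
      gsub(/[ \t]+/, " ", k); sub(/^ /, "", k)
      if (k == key) { v = $0; sub(/^[^=]*=[ \t]*/, "", v); sub(/[ \t]+$/, "", v); print v }
    }' "$1" | tail -n 1)
  printf '%s\n' "${val:-$3}"
}

# Flag weak [global] settings; the return value is the number of findings.
check_smb_conf() {
  n=0
  mp=$(smb_opt "$1" "map to guest" "Never" | tr 'A-Z' 'a-z')
  [ "$mp" = "never" ] || { echo "WEAK  map to guest = $mp  (guest access for failed logins); set Never"; n=$((n+1)); }
  ra=$(smb_opt "$1" "restrict anonymous" "0")
  [ "$ra" = "2" ] || { echo "WEAK  restrict anonymous = $ra  (anonymous sessions can enumerate); set 2"; n=$((n+1)); }
  mproto=$(smb_opt "$1" "server min protocol" "SMB2_02" | tr 'a-z' 'A-Z')
  case $mproto in
    NT1|LANMAN*|CORE*) echo "WEAK  server min protocol = $mproto  (SMB1 accepted); set SMB2_02 or higher"; n=$((n+1)) ;;
  esac
  sign=$(smb_opt "$1" "server signing" "default" | tr 'A-Z' 'a-z')
  [ "$sign" = "mandatory" ] || { echo "WEAK  server signing = $sign; set mandatory"; n=$((n+1)); }
  return $n
}

# Constructed "out of the box" style config with the weak settings present.
write_weak_conf() {
  cat > "$1" <<'EOF'
[global]
   workgroup = CORP
   map to guest = Bad User
   restrict anonymous = 0
   server min protocol = NT1
[public]
   path = /srv/public
   guest ok = yes
EOF
}

# Constructed hardened config: every finding above corrected.
write_hardened_conf() {
  cat > "$1" <<'EOF'
[global]
   workgroup = CORP
   map to guest = Never
   restrict anonymous = 2
   server min protocol = SMB3
   server signing = mandatory
EOF
}

# Usage: sh smbcheck.sh /etc/samba/smb.conf   (exit status = finding count)
if [ $# -ge 1 ]; then
  check_smb_conf "$1"
fi
```

Run it on the weak file and it reports four findings, including the unset `server signing`, which is the kind of silent default the hardening slide warns about; the hardened file returns 0. Because the exit status is the finding count, the same script drops straight into a configuration-drift check alongside the file integrity monitoring the slide mentions.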
Patch Management Best Practices
• Centralized patching (WSUS, SCCM, Ansible)
• Test before deploying
• Automate updates
• Maintain asset inventory

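"Test before deploying" starts with knowing exactly what a patch run would change. The script below is an added example (not from the deck) for a Debian/Ubuntu endpoint: it uses `apt-get -s upgrade`, which simulates the upgrade without touching the system, and splits the pending packages into security and other updates so the security set can be pushed first and the rest scheduled through the normal test cycle. It assumes apt-get's simulation line format `Inst <pkg> [<old>] (<new> <origin> [<arch>])`; the package names and versions in the sample output are constructed.

```shell
#!/bin/sh
# Added example, not the slide deck's own code. Relies on apt-get's
# "Inst pkg [old] (new origin [arch])" dry-run lines; sample output is
# constructed with made-up versions.

# Constructed `apt-get -s upgrade` output for offline use.
sample_apt_output() {
  cat <<'EOF'
Reading package lists...
Building dependency tree...
The following packages will be upgraded:
  libssl3 openssl vim
Inst libssl3 [3.0.2-0ubuntu1.12] (3.0.2-0ubuntu1.14 Ubuntu:22.04/jammy-security [amd64])
Inst openssl [3.0.2-0ubuntu1.12] (3.0.2-0ubuntu1.14 Ubuntu:22.04/jammy-security [amd64])
Inst vim [2:8.2.3995-1ubuntu2.15] (2:8.2.3995-1ubuntu2.16 Ubuntu:22.04/jammy-updates [amd64])
Conf libssl3 (3.0.2-0ubuntu1.14 Ubuntu:22.04/jammy-security [amd64])
Conf openssl (3.0.2-0ubuntu1.14 Ubuntu:22.04/jammy-security [amd64])
Conf vim (2:8.2.3995-1ubuntu2.16 Ubuntu:22.04/jammy-updates [amd64])
EOF
}

# stdin: dry-run output. stdout: "SECURITY|OTHER <pkg> <old> -> <new>" per
# pending package; the origin field tells the two classes apart.
report_patches() {
  awk '$1 == "Inst" {
    pkg = $2; old = $3; new = $4
    gsub(/[][()]/, "", old); gsub(/[][()]/, "", new)
    kind = ($0 ~ /-security/) ? "SECURITY" : "OTHER"
    print kind, pkg, old, "->", new
  }'
}

# stdin: dry-run output. stdout: number of pending security updates.
count_security() {
  report_patches | grep -c '^SECURITY '
}

# Usage: sh pending.sh   (uses the real dry run when apt-get is available,
# otherwise the constructed sample)
if command -v apt-get >/dev/null 2>&1; then
  apt-get -s upgrade 2>/dev/null | report_patches
else
  sample_apt_output | report_patches
fi
```

Feeding the report into the asset inventory (hostname plus the SECURITY count) gives the patch backlog per host the last bullet asks for, and a non-zero count on a host that was supposed to auto-update is the signal that the automation has stalled.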
Mobile Devices in the Enterprise
• Common endpoint for corporate access
• Risks: loss/theft, rogue Wi-Fi, malicious apps
• BYOD challenges

Best Practices for Mobile Security
• Enforce device encryption
• Use Mobile Device Management (MDM)
• Remote wipe capability
• Strong PIN/biometric policies
• Containerization (work/personal data separation)

Mobile Threat Landscape
• Malware in third-party app stores
• Smishing (SMS phishing)
• Rogue Wi-Fi access points
• Rooted/jailbroken devices

Case Study: Corporate Data Breach
• Employee lost unencrypted phone
• Cached corporate emails accessed by attacker
• Prevention: MDM + remote wipe

Defense-in-Depth
• Antivirus/EDR = detect & respond
• Patching & hardening = reduce attack surface
• Mobile security = protect mobile workforce
• Layered defense = resilience

Hands-On Recap
• file & strings → Basic malware analysis
• ClamAV → Antivirus scanning
• enum4linux → Misconfig discovery

Key Takeaways
• Antivirus/EDR stop endpoint threats
• Patch & harden systems to prevent exploitation
• Mobile devices = corporate endpoints too
• Security = continuous process, not one-time

Final Thought
• Cybersecurity is not about eliminating all risk—it’s about managing risk through layered defense and continuous vigilance