From the Field: Real-World Findings from Security Assessments
61.9% of infrastructures I've assessed do not use any security features available on Windows Server.
We're talking about:
- Secure Boot (needs UEFI)
- Trusted Boot (auto-enabled with Secure Boot)
- Credential Guard (requires Secure Boot + virtualization)
On modern Windows 11 workstations, these are often enabled by default.
But on Windows Servers?
I still regularly see BIOS-based configs and protections turned off. On supported versions of Hyper-V and VMware, UEFI + Secure Boot can be enabled by default.
This exposes you to:
⚠️ Bootkits
⚠️ Rootkits
⚠️ Credential Theft
Enabling these is not optional; it's essential.
Good news?
Windows Server 2025 enables Credential Guard by default (on supported hardware).
Are these protections enabled in your environment? If not, what's stopping you?
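
One way to answer that question on a given server, as an added example that is not part of the original post: a read-only PowerShell check that walks the dependency chain listed above (UEFI, then Secure Boot, then Credential Guard). The function name `Get-BootProtectionStatus` is hypothetical; Trusted Boot has no separate check here because, as the post notes, it follows from Secure Boot.

```powershell
#Requires -RunAsAdministrator
# Added example: read-only audit of the protections named in the post.
# Confirm-SecureBootUEFI needs an elevated session, hence the directive above.

function Get-BootProtectionStatus {   # hypothetical helper name
    # Firmware mode: Secure Boot is only possible on UEFI, not legacy BIOS.
    $firmware = (Get-ComputerInfo -Property BiosFirmwareType).BiosFirmwareType

    # Confirm-SecureBootUEFI returns $true/$false on UEFI systems and throws
    # on legacy BIOS systems, so an exception is reported as "not enabled".
    try   { $secureBoot = [bool](Confirm-SecureBootUEFI -ErrorAction Stop) }
    catch { $secureBoot = $false }

    # Win32_DeviceGuard reports virtualization-based security (VBS) state.
    #   VirtualizationBasedSecurityStatus: 0 = off, 1 = enabled, 2 = running
    #   SecurityServicesConfigured / Running: value 1 = Credential Guard
    $dg = Get-CimInstance -Namespace 'root\Microsoft\Windows\DeviceGuard' `
                          -ClassName Win32_DeviceGuard -ErrorAction SilentlyContinue

    [pscustomobject]@{
        ComputerName              = $env:COMPUTERNAME
        FirmwareType              = "$firmware"
        SecureBootEnabled         = $secureBoot
        VbsRunning                = ($null -ne $dg -and $dg.VirtualizationBasedSecurityStatus -eq 2)
        CredentialGuardConfigured = ($null -ne $dg -and $dg.SecurityServicesConfigured -contains 1)
        CredentialGuardRunning    = ($null -ne $dg -and $dg.SecurityServicesRunning -contains 1)
    }
}

$status = Get-BootProtectionStatus
$status | Format-List

# Report gaps in dependency order: UEFI -> Secure Boot -> Credential Guard.
if ($status.FirmwareType -ne 'Uefi') {
    Write-Warning 'Legacy BIOS boot: Secure Boot cannot be enabled until the system boots via UEFI.'
} elseif (-not $status.SecureBootEnabled) {
    Write-Warning 'UEFI firmware is present but Secure Boot is disabled.'
}
if (-not $status.CredentialGuardRunning) {
    Write-Warning 'Credential Guard is not running.'
}
```

A server where Credential Guard shows as configured but not running usually points at a missing prerequisite further up the chain, such as virtualization extensions not exposed to the VM.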
