The CIS Critical Controls are recognized as a good start in setting up a defensible infrastructure. They are platform / OS agnostic, aren’t driven by vendor agendas, and are very much community and volunteer driven. In this talk, we’ll discuss a typical organization, one that we’d see in many security engagements. We’ll discuss the various Critical Controls and how implementing these might look specifically for our example company’s Blue Team. Most of the defenses that we’ll be discussing will be implemented using PowerShell scripts and AD Group Policies (all of which will be posted and freely available). For each of the Controls, we’ll discuss the typical attacks that these actions head off – either “in the wild” attacks or attacks in a pentest setting, along with how the defense works. As always, we’ll see lots of live demos of how these work in a real company. Come out for some Blue Team goodness! Defend all the things!