Endpoint Hardening Without Breaking Everything
ThreatSpike
47:34
Every CIS benchmark looks sensible on paper. Then you deploy it and OneDrive stops working, printers disappear, and users can't log in because they don't know their own username.
In this 45-minute session, ThreatSpike Senior Operations Engineer Joe Buck walks through a risk-based approach to endpoint hardening that actually survives contact with real users and real environments.
What you'll learn:
- Which CIS settings cause the most real-world disruption, and which are safe to deploy immediately
- How to scope, stage, and test hardening before it hits production
- Building an exception framework that's auditable without being rigid
- What endpoint hardening reveals about gaps in your wider security posture
Who should attend?
Security engineers and IT ops teams responsible for endpoint configuration. Security managers planning or refining hardening programmes. Anyone working with CIS benchmarks, Group Policy, or Intune and those undertaking ISO certification.
Live bonus:
All live attendees receive the Endpoint Hardening Pre-Deployment Checklist, a step-by-step framework covering scoping, testing, staging, communication, and rollback planning. Built from real deployment experience, not generic best practice.
Speakers
Joe Buck
Senior Operations Engineer
Joe Buck is a Senior Operations Engineer at ThreatSpike, specialising in endpoint security deployment and client implementation. With five years of defensive cybersecurity experience, Joe works directly with clients to deploy monitoring solutions, implement security controls, and provide strategic guidance tailored to their operational needs. He has developed deep expertise in endpoint hardening, with a particular focus on balancing robust security with operational continuity, ensuring defences strengthen without disrupting business performance or usability.
Ellie Hills
Sales Manager
Replays
See all
Endpoint Hardening Without Breaking Everything
47:34