Oh, the Places Your Credentials Go (When Security Fails)

 Credential theft remains one of the easiest ways into enterprise environments—through phishing, malware, memory scraping, or stolen tokens. For IT teams, the takeaway is clear: software-based protections alone aren’t enough to keep credentials secure.

In this session, we’ll explore where credentials actually “go” when security falls short, and how modern attacks extract them from the endpoint. You’ll learn why traditional protections—like OS storage and even TPM—can still leave gaps.

We’ll then show how Dell’s ControlVault uses hardware-rooted isolation to protect credentials outside of system memory, along with what FIPS 140 3 Level 3 and FIDO support mean in practice for stronger authentication.