Defending against PowerShell Attacks

DerbyCon 7.0 - Legacy

Presented by: Lee Holmes
Date: Friday September 22, 2017
Time: 14:00 - 14:50
Location: Track 2 - Fix Me

The security industry is ablaze with news about how PowerShell is being used by both commodity malware and attackers alike. Surely there’s got to be a way to defend yourself against these attacks!

In this presentation, we’ll dive deep into exactly how: from JEA-based operational controls, to the crazy advanced logging, auditing, and post-processing capabilities possible with PowerShell.

Come learn why the smart red teams are beginning to abandon PowerShell as an attack platform.

Lee Holmes

Lee Holmes is the lead security architect of Microsoft's Azure Management group, covering Azure Stack, System Center, and Operations Management Suite. He is the author of the Windows PowerShell Cookbook and an original member of the PowerShell development team. @Lee_Holmes

