The security industry is ablaze with news about how PowerShell is being used by both commodity malware and attackers alike. Surely there’s got to be a way to defend yourself against these attacks! In this presentation, we’ll dive deep into exactly how: from JEA-based operational controls, to the crazy advanced logging, auditing, and post-processing capabilities possible with PowerShell. Come learn why the smart red teams are beginning to abandon PowerShell as an attack platform.

Lee Holmes is the lead security architect of Microsoft's Azure Management group, covering Azure Stack, System Center, and Operations Management Suite. He is author of the Windows PowerShell Cookbook, and an original member of the PowerShell development team.

@Lee_Holmes

Back to Derbycon 2017 video list