PowerShell 101 for Blue Teams

Amiran Alavidze

Track: TBD

A 2-hour workshop on using PowerShell for enterprise defenders. Example-driven, starting with PowerShell basics and diving into PowerShell tidbits that saved the author hours of work over the last couple of years, mostly Active Directory centric.

We'll cover gathering intelligence around AD users, credentials and computers, commands useful for DFIR, and some third-party PowerShell modules.

This is a hands-on workshop; bring a laptop that has an RDP client. No prior PowerShell experience is necessary.

Speaker Bio:

Amiran is an information security professional with over 15 years of experience defending enterprise networks and has expertise in risk management, incident response and security architecture. Amiran advocates a pragmatic, business-focused approach to information security, currently as IT Security Manager at Sierra Wireless, an IoT and Wireless technology company.

Security is not just a job, it's a passion.
@airman on MARS Slack