Microsoft: PowerShell Security at DerbyCon
Many people have commented over the past couple of years that they’d love to see a PowerShell Security conference. Well, that conference arrived: DerbyCon 2016.
DerbyCon is an incredible security conference, held in Louisville Kentucky each year. Despite the calibre of all that attend, the humbleness and approachability of everyone there is outstanding. Perhaps to a fault. It’s only after talking to somebody and looking them up on Twitter do you realize it’s THAT person, and openly wonder if asking for an autograph would have been too awkward.
It’s probably best to stop talking about how great of a conference is, given that registration filled up in 12 hours this year and it’d be nice to have a fighting chance to get in next year.
As with system administrators, security professionals (pen testers, consultants, incident responders, and more) have quickly realized how amazing PowerShell is for automation. When security researchers leverage PowerShell, it is always in a “post-compromise” context. They have compromised a machine through some other avenue (phishing, SQL injection, etc.), and ultimately have the choice of any number of tools on the system. They were able to accomplish their goals before PowerShell, and will be able to accomplish their goals without PowerShell.
At some point, they decide that job satisfaction is important – and pass the IQ test by selecting PowerShell.
DerbyCon recorded almost all of the sessions this year (like every year), so I’d like to call out ones that had a strong PowerShell focus to them so you can enjoy what could easily be considered PowerShell Security Con 2016.
Read the entire article here, PowerShell Security at DerbyCon
via the fine folks at Microsoft.