PowerShell and Security - The how, what and why
This demo-rich session goes into detail on some best practices on securing PowerShell and highlights and the steps that have been taken in PowerShell 5.0 that allow you to do so. In the first section of this evening we will touch some of the basic concepts of security that we have available to us in PowerShell. Then Jaap will go into detail how you can correctly implement them by demoing the functionality.
In the second part of this presentation we will go into detail what features you can use to log what PowerShell is doing. This will cover things such as PowerShell transcription, obfuscation and how to act on what is being logged and how log files and the event log can be analyzed.
From there on we will discuss how JEA, Just Enough Administration, can be used to setup secure endpoints for PowerShell remoting. Jaap will take you through the configuration steps, the considerations when you are setting up secure endpoints and what this look like on the backend. Using this knowledge, Jaap will show some practical examples of JEA including exposing JEA endpoints to GUI applications to allow for secure and controlled interactions with your infrastructure.
If you have any specific questions in regards to PowerShell, PowerShell Security or Security in general make sure to ask these at the end of the sessions. After the presentation Jaap will be more than happy to answer any burning questions you might have.
19:00 – 19:45 PowerShell and Security (part 1)
19:45 – 20:15 Short break
20:15 – 21:00 PowerShell and Security (deel 2)
21:00 Bites and Drinks
Zuidelijk Halfrond 11
2801 DD Gouda