WINDOWS SECURITY AUTOMATION MEANS POWERSHELL

In SEC505 you will learn how to:

• Write PowerShell scripts for Windows and Active Directory security automation
• Safely run PowerShell scripts on thousands of hosts over the network
• Defend against PowerShell malware such as ransomware
• Harden Windows Server and Windows 10 against skilled attackers

In particular, we will use PowerShell to secure Windows against many of the attacks described in the MITRE ATT&CK matrix, especially stolen administrative credentials, ransomware, hacker lateral movement inside the LAN, and insecure Windows protocols such as Remote Desktop Protocol (RDP) and Server Message Block (SMB).

You will leave this course ready to start writing your own PowerShell scripts to help secure your Windows environment. It’s easy to find Windows security checklists, but how do you automate those changes across thousands of machines? How do you safely run scripts on many remote boxes? In this course you will learn not just Windows and Active Directory security, but how to manage security using PowerShell.

For questions and more information contact the instructor: James Honeycutt (email: honeycutt.james@gmail.com, twitter: @P0w3rChi3f, linkedin: www.linkedin.com/in/james-honeycutt) 

Link to the registration page follows: http://www.sans.org/event/63575