Stuck in Traffic – Defensible Architectures

Archive for May, 2016

Stuck in Traffic – Responding to PowerShell

Red Team tools exist for PowerShell: older ones like PoshSec and PowerSploit, and newer ones like PowerShell Empire. Meanwhile, criminals have weaponized PowerShell scripts with malware like PowerSniff and PowerWare. So in this talk, we discuss monitoring PowerShell and integrating it with incident response.

Watch more videos on my YouTube channel.