SEC505: Securing Windows and PowerShell Automation

摘要

WINDOWS SECURITY AUTOMATION MEANS POWERSHELL In the SEC505 course you will learn how to: 1. Write PowerShell scripts for Windows and Active Directory security automation 2. Safely run PowerShell scripts on thousands of hosts over the network 3. Defend against PowerShell malware, such as ransomware 4. Harden Windows Server and Windows 10 against skilled attackers In particular, we will use PowerShell to secure Windows against many of the attacks described in the MITRE ATT&CK matrix, especially against stolen administrative credentials, ransomware, hacker lateral movement inside the LAN, and insecure Windows protocols such as RDP and SMB.