PowerShell is fast becoming the defacto tool for adversaries in nearly every phase of an attack. The ability to live off the land as an attacker helps to reduce the chance of being detected.  Because of the commonality and legitimate use of PowerShell, the proficiency to identify unwanted actions becomes increasingly challenging.

In this session you’ll learn:

  • How to quickly formulate a hypothesis to hunt for misbehaving PowerShells
  • Techniques to hunt for network indicators of misbehaving PowerShells
  • Pivoting from the network indicators to identify offending processes on the host

When: Thursday, December 7th @ 2 PM ET | 11 AM PT

You can register here.

Load More Related Articles
Load More In Webinars

Leave a Reply

Your email address will not be published. Required fields are marked *