[German]IT security should not be a question of money – these are often pretextual excuses. MVP Tom Wechsler has put some thought into the topic and shows how you can even use PowerShell and a few lines of code to research IT security problems. In a post on Microsoft's Techcommunity, he gives an overview of how to analyze IT threats using PowerShell.
I just stumbled across the related post by MVP Tom Wechsler on Twitter. He writes that lack of IT security is often excused by the fact that there is little or no money available. He thinks that's a cheap excuse.
Therefore, he tries, by means of the PowerShell in Windows various scripts to investigate various issues. This is to find or detect threats. He sees PowerShell as a useful tool for finding threats in Windows environments. It is a powerful scripting language and platform for automating tools and accessing data in any Windows environment, he said.
Using PowerShell, administrators can quickly gather information from various sources such as event logs, registries, files and processes. In addition, PowerShell integrates easily with other tools and technologies, making it a flexible and efficient tool for threat hunting.
Use cases for PowerShell scripts in threat hunting include automated log data collection, identifying unusual behavioral anomalies in the system, detecting malware or malicious activity based on known signatures or patterns or behaviors. These are just a few examples of how PowerShell can be used in threat hunting.
Wechsler describes the details in the Techcommunity post Threat Hunting with PowerShell – Security even with a small budget – there is no excuse! The scripts are harmless, but if you use them, you should already understand what they do. Because the search patterns in the scripts have to be adapted. Wechsler also recommends obtaining written permission to perform the relevant investigations. Perhaps the article and the scripts will be of interest to some of the readers.
Cookies helps to fund this blog: Cookie settings