An Introduction to PowerShell for Security Assessments
- James Tarala
- Saturday, December 13th, 7:15pm - 8:15pm
With the increased need for automation in operating systems, every platform now provides a native environment for automating repetitive tasks via scripts. Since 2007, Microsoft has gone "all in" with their PowerShell scripting environment, providing access to every facet of the Microsoft Windows operating system and services via a scriptable interface. Administrators can completely administer and audit not only an operating system from this shell, but most all Microsoft services, such as Exchange, SQL Server, and SharePoint services as well. In this presentation James Tarala of Enclave Security will introduce students to using PowerShell scripts for assessing the security of these Microsoft services. Auditors, system administrators, penetration testers, and others will all learn practical techniques for using PowerShell to assess and secure these vital Windows services.
The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:
- SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
- Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
- Vendor: Events hosted by external vendor exhibitors.
- Lunch & Learn: Short presentations given during the lunch break.
- Master's Degree Presentation: Presentations given by SANS Technology Institute's Master's Degree candidates.
Friday, December 12
|General Session- Welcome to SANS||Dr. Eric Cole||Friday, December 12th, 8:15am - 8:45am||Special Events|
|Stay Ahead of the Adversary with Network Security Analytics||Mike Nichols, Senior Manager, Sales||Friday, December 12th, 12:30pm - 1:15pm||Lunch and Learn|
|Women In Technology Reception||—||Friday, December 12th, 6:15pm - 7:15pm||Reception|
|Continuous Ownage: Why you Need Continuous Monitoring||Eric Conrad||Friday, December 12th, 7:15pm - 9:15pm||Keynote|
Saturday, December 13
|How Isolation vs. Detection Can (finally) Help Solve the APT Problem, and Why Should I/My Organization Care?||Sebastian Taphanel, Consulting Systems Architect||Saturday, December 13th, 12:30pm - 1:15pm||Lunch and Learn|
|SANS Technology Institute Graduation||Alan Paller, Sally Vandeven||Saturday, December 13th, 7:00pm - 8:00pm||Special Events|
|An Introduction to PowerShell for Security Assessments||James Tarala||Saturday, December 13th, 7:15pm - 8:15pm||SANS@Night|
|Security Awareness Metrics: Measuring Human Behavior||Lance Spitzner||Saturday, December 13th, 7:15pm - 8:15pm||SANS@Night|
|Attacking and Defending Building Automation Systems at Scale: A Case Study||Billy Rios||Saturday, December 13th, 7:15pm - 8:15pm||SANS@Night|
|Securing The Kids||Lance Spitzner||Saturday, December 13th, 8:15pm - 9:15pm||SANS@Night|
|Everything They Told Me About Security Was Wrong||John Strand||Saturday, December 13th, 8:15pm - 9:15pm||SANS@Night|
Sunday, December 14
|Connect the Dots with Domain Name Intelligence from DomainTools||Mark Kendrick, Director of Business Development||Sunday, December 14th, 12:30pm - 1:15pm||Lunch and Learn|
|Defending Your Global Perimeter||Jonathan Trull, Chief Information Security Officer, Qualys, Inc||Sunday, December 14th, 12:30pm - 1:15pm||Lunch and Learn|
|Cyber Crime As a Business: How Criminal Networks Use "Cloud Servies" and "Involuntary Contribution Associates" to Make Money||Tom Byrnes, CEO of ThreatSTOP||Sunday, December 14th, 12:30pm - 1:15pm||Lunch and Learn|
|Continuous Monitoring and Mitigation||Timothy Jones, Federal Systems Engineer||Sunday, December 14th, 12:30pm - 1:15pm||Lunch and Learn|
|SANS Technology Institute Reception and Information Session||Bill Lockhart, Executive Director, SANS Technology Institute||Sunday, December 14th, 5:45pm - 7:15pm||Reception|
|Gone in 60 Minutes: Have You Patched Your System Today?||David Hoelzer||Sunday, December 14th, 7:15pm - 8:15pm||SANS@Night|
|Windows Exploratory Surgery with Process Hacker||Jason Fossen||Sunday, December 14th, 7:15pm - 8:45pm||SANS@Night|
|The Threat Landscape of PKI: System and Cryptographic Security of X.509, Algorithms, and their Implementations.||Blaine Hein- Master's Degree Candidate||Sunday, December 14th, 7:15pm - 7:55pm||Master's Degree Presentation|
|Introduction to IDA Pro and Debugging||Stephen Sims||Sunday, December 14th, 8:15pm - 9:15pm||SANS@Night|
|The 13 Absolute Truths of Security||Keith Palmgren||Sunday, December 14th, 8:15pm - 9:15pm||SANS@Night|
|Home-Field Advantage: Hunting the Advanced Persistent Threat by Interdicting their Tactics with Network Traps & Snares||Matthew Toussain - Master's Degree Candidate||Sunday, December 14th, 8:15pm - 8:55pm||Master's Degree Presentation|
Monday, December 15
|Vendor Solutions Expo||—||Monday, December 15th, 12:00pm - 1:30pm||Vendor Event|
|Vendor Solutions Expo||—||Monday, December 15th, 5:30pm - 7:30pm||Vendor Event|
|NetWars Tournament of Champions||Ed Skoudis & Tim Medin||Monday, December 15th, 6:30pm - 9:30pm||Special Events|
|A Night of Crypto||G. Mark Hardy||Monday, December 15th, 7:15pm - 9:15pm||SANS@Night|
|Debunking the Complex Password Myth||Keith Palmgren||Monday, December 15th, 7:15pm - 8:15pm||SANS@Night|
Tuesday, December 16
|Fortinet Next Generation Firewalls||Will Tipton, Security Engineer||Tuesday, December 16th, 12:30pm - 1:15pm||Lunch and Learn|
|Are Privileged Accounts a Vulnerability Risk? Absolutely.||Rod Simmons, Director of Privilege Management, BeyondTrust||Tuesday, December 16th, 12:30pm - 1:15pm||Lunch and Learn|
|NetWars Tournament of Champions||Ed Skoudis & Tim Medin||Tuesday, December 16th, 6:30pm - 9:30pm||Special Events|
|IT Security meets Research: Lessons from NASA's Science Labs||Joel Offenberg, Vantage Systems, Inc.||Tuesday, December 16th, 7:15pm - 8:15pm||SANS@Night|