SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals

Experience SANS training through course previews.
Learn MoreLet us help.
Contact usBecome a member for instant access to our free resources.
Sign UpWe're here to help.
Contact UsPowerShell has been used extensively over the years by both malware authors and information security professionals to carry out disparate objectives. This paper will focus on the latter by detailing various techniques and use-cases for digital defenders. There is no one-size fits all model that encompasses a dedicated blue-team. Roles and responsibilities will differ from organization to organization. Therefore, topics covered will range from system administration to digital forensics, incident response as well as threat hunting. Using the latest in the PowerShell framework, system variables will be collected for the purpose of establishing baselines as well as useful datasets for hunting operations. The focus will then shift to use-cases and techniques for incident responders and threat hunters.