Building PowerShell Security Tools in a Windows Environment

System administrators aren't on the information security team, but by using the security tools you'll be building in this course in PowerShell, the security team will want to know where you got your skills!
Course info
Level: Intermediate
Updated: Mar 20, 2019
Duration: 2h 51m
Description

IT security is everyone's responsibility. System administrators and IT professionals aren't information security gurus, but they still need the tools to be an organization's first line of defense. In this course, Building PowerShell Security Tools in a Windows Environment, you will gain the ability to build PowerShell scripts and modules to discover potential and real security threats in your organization through reporting and change management. First, you will learn how to parse the Windows event log and query for and apply Windows patches. Next, you will discover how to detect various changes in your environment. Finally, you will explore how to encrypt and decrypt sensitive information with PowerShell. When you are finished with this course, you will have the skills and knowledge to build PowerShell tools that query for and remediate common security threats, as needed to secure your IT organization.

About the author

Adam Bertram is an independent consultant, technical writer, trainer, and presenter. Adam specializes in consulting and evangelizing all things IT automation, mainly focused around Windows PowerShell.

More from the author
PowerShell Toolmaking Fundamentals (Intermediate, 3h 55m, Sep 17, 2019)
PowerShell DevOps Playbook (Advanced, 2h 33m, Jul 16, 2019)
Section Introduction Transcripts

Course Overview
Hi everyone. My name is Adam Bertram. Welcome to my course, Building PowerShell Security Tools in a Windows Environment. I've been in IT for a long time. Why would you specifically take this course by me? Well, the reason is because I teach it like I see it. I hold no punches and teach from experience, not from a book. And I have over 10 years of experience in PowerShell. Windows system administrators and IT pros don't have to be full-time security personnel. But by using PowerShell, they sure can build some handy tools. This course shows system administrators how to build many different types of tools around the security space with PowerShell. The first place you look when a breach happens is a log. In this course, we're going to dedicate an entire module to the Windows event log. Next, we'll use PowerShell to query and install patches. PowerShell is great for ad hoc patching. We'll then get into the monitoring module where we'll then build some useful tools to monitor the final system through WMI events, some local and AD group membership monitoring in Active Directory, and more. And finally, we'll wrap up with how to properly handle sensitive information, most commonly passwords in your PowerShell script. All in all, we're going to be doing a lot of reporting, and we're going to be covering a lot of PowerShell along the way to make it all happen. By the end of this course, you'll have a great starting point on how you can use PowerShell to monitor your environment across many different areas. I hope you'll join me on this journey to dive into some PowerShell with Building PowerShell Security Tools in a Windows Environment at Pluralsight.