- Course
- Security
Threat Hunt with PowerShell
This course will teach you how to leverage PowerShell for practical threat hunting by detecting hidden persistence mechanisms, analyzing attacker activity in logs, and identifying anomalies across Active Directory, Azure, and Microsoft 365.
What you'll learn
Modern enterprises generate an overwhelming volume of logs and artifacts, making manual threat detection impossible. In this course, Threat Hunt with PowerShell, you’ll learn to wield PowerShell as a unified hunting platform. First, you’ll explore techniques to surface hidden persistence mechanisms on the file system and in memory. Next, you’ll discover how to interrogate Active Directory for rogue administrators and replication abuse. Finally, you’ll learn to pivot your hunts to the cloud by analyzing Azure and Microsoft 365 telemetry. When you’re finished with this course, you’ll be able to rapidly develop PowerShell‑based hunts that uncover adversary activity before it escalates.
Table of contents
About the author
Michael Teske is an Author Evangelist with Pluralsight helping people elevate their skills. He has 20+ years of experience in IT Ops, including 17 as an IT instructor at a community college.