John Hubbard & Josh Johnson , Blueprint: Build the Best in Cyber Defense

Josh Johnson: PowerShell and Defensive Automation for the Blue Team

11 May 2021 • 48 min • EN
48 min
00:00
48:39
No file found

Click here to send us your ideas and feedback on Blueprint! PowerShell may seem intimidating, but it can be one of the most amazing and useful tools at your disposal...if you know how to use it. In this episode, we have Josh Johnson, author of the new SANS course "SEC586: Blue Team Operations - Defensive Powershell" giving you a masterful crash course in: - The importance of PowerShell - How PowerShell works, and how to set yourself up to use it - Blue team use cases for log analysis, incident response and more - How to stopping attackers from leveraging PowerShell - Some of the amazing automation and playbook opportunities you may be missing out on. Lots of actionable content for defenders here, don"t miss in this episode! Our Guest: Josh Johnson Josh Johnson is a SANS Certified Instructor and course author of SEC586: Blue Team Operations: Defensive PowerShell. He has been working in the Information Security industry for over 10 years in varying roles with responsibilities ranging from penetration testing to incident response. Josh was Purple Teaming since before it had a name and used his offensive security skill set to find and pursue his true passion - Blue Team. Since then, he has been helping organizations of all sizes, and in varying industries from healthcare to retail to finance, improve their cyber defense capabilities. More About Josh Follow Josh:  Twitter | LinkedIn Sponsor"s Note: Support for the Blueprint podcast comes from the SANS Institute. If you like the topics covered in this podcast and would like to learn more about blue team fundamentals such as host and network data collection, threat detection, alert triage, incident management, threat intelligence, and more, check out my new course SEC450: Blue Team Fundamentals. This course is designed to bring attendees the information that every SOC analyst and blue team member needs to know to hit the ground running, including 15 labs that get you hands on with tools for threat intel, SIEM, incident management, automation and much more, this course has everything you need to launch your blue team career. Check out the details at sansurl.com/450! Hope to see you in class! Follow SANS Cyber Defense: Twitter | LinkedIn | YouTube Follow John Hubbard: Twitter | LinkedIn Connect with John: - LinkedIn - Take A Training Course with John SOC Analyst and Leadership Training Courses: - SEC450: Blue Team Fundamentals - Security Operations and Analysis - LDR551: Building and Leading Security Operations Centers SANS: - Cyber Defense Course List - Upcoming Training Events - Free tools, VMs, cheat sheets and more for cyber defenders

From "Blueprint: Build the Best in Cyber Defense"

Listen on your iPhone

Download our iOS app and listen to interviews anywhere. Enjoy all of the listener functions in one slick package. Why not give it a try?

App Store Logo
application screenshot

Popular categories