We are proud to present to you this years’ psconf.eu sessions related to PowerShell Security. For other topics, please see the other pages on powershell.one.
We also invite you to participate in our live Q&A targeting security topics. It is taking place June 2, 2020 at 7pm CEST, and you’ll have a chance to meet the speakers, other security experts, and ask any question you may have.
Please note that psconf.eu organizer and speakers are volunteers. While we are passionately committed to provide an awesome experience for you, we cannot guarantee that things will always go according to plan. There is especially no guarantee that every speaker who delivered free content below can in fact join the Q&A.
Managing Secrets from your dev box to the cloud
by Sydney Smith from the PowerShell team.
Advanced scripts that touch many systems require multiple secrets and types of secrets particularly when orchestrating across heterogeneous clouds.
The best practice is to not hard code any secrets in scripts, but currently this requires custom code on different platforms to handle securely.
Learn how the new secrets management model will allow you to securely use secrets to automate, manage and develop. Find out how to enhance your local and remote development experience with PowerShell secrets management.
Abusing Azure Active Directory: Who would you like to be today?
Azure AD is used by Microsoft Office 365 and over 2900 third-party apps. Although Azure AD is commonly regarded as secure, there are serious vulnerabilities regarding identity federation, pass-through authentication, and seamless single-sign-on.
In this session, using my AADInternals PowerShell module, the exploitation of these vulnerabilities to create backdoors, impersonate users, and bypass MFA are demonstrated. The purpose of this session is to rise awareness of the importance of the principle of least privilege and the role of on-prem security to cloud security.
Building the ultimate Azure AD hacking tool
How did I built the ultimate Azure AD hacking tool from the scratch AADInternals is an open-source toolkit for hacking and administering Azure AD and Office 365.
Come to see and learn how did I build the script-only module (seen in action at BlackHat USA & Europe 2019 Arsenal), what obstacles I had, and how I managed to overcome them!
AAD Internals is a PowerShell module where I’ve tried to put all the knowledge I’ve gained during the years spent with Office 365 and Azure AD. It is a result of hours of reverse-engineering and debugging of Microsoft tools related to Azure AD, such as PowerShell modules, directory synchronisation, and admin portals.
I decided to make the module a plain PowerShell script module, so that everyone could copy and paste the code to their own scripts as needed. In this session, attendees will learn real-life experiences of making one’s knowledge available to the community in the form of easy-to-use PowerShell module. As such, the session contains a lot of war stories and live demos - just what the devs are looking for!
You can open this web page in a separate window during the live event to submit live questions in real-time.
What the log?! So many events, so little time…
Detecting adversaries is not always easy. Especially when it comes to correlating Windows Event Logs to real-world attack patterns and techniques.
Join me to find out how to match Windows Event Log IDs with the MITRE ATT&CK framework and methods to simplify the detection in your environment.
The PowerShell edition: see how to correlate events not only via the GUI, now you can automate it..!
Asking Questions
While live Q&A sessions are in progress, you can ask your questions by using our Q&A widget below. Note that you can also vote on questions others have submitted.
The live Q&A widget is closed when there is no live session in progress. Use our form at http://powershell.help to submit questions before or after live sessions.
You do not need to have a Vimeo account nor do you need to log in. Simply choose the option to Chat as a Guest!
Leave Comment
Please feel free to leave a comment if you have an organizational question or would like to share an idea.