Resources Webinars
Detection and response
Keith McCammon

PowerShell Abuse: Good Tool Gone Bad

 

Protect your environment from PowerShell attacks.

PowerShell provides a full-featured scripting environment and interactive shell from which actors can execute, persist, and often avoid detection. Hear from Red Canary and Carbon Black as they discuss commonalities observed in attacks leveraging PowerShell and learn valuable criteria to aid in your hunt.

This on-demand webinar will show you:

  • Real-world examples of malicious PowerShell use
  • The recommended approach to detecting PowerShell abuse without inundating yourself with false positives
 
Intelligence Insights: May 2022
 
The Goot cause: Detecting Gootloader and its follow-on activity
 
Marshmallows & Kerberoasting
 
Raspberry Robin gets the worm early