Cross-platform command-line interface and scripting language for system and network administration
Frank Lesniak joins Andrew Pla for a wide-ranging conversation that covers Frank's newly minted Microsoft MVP status, his journey through PowerShell, and what it looks like to build a real presence in the tech community. Frank talks through the pipeline struggles that tripped him up early on, how his VB Script and object-oriented background made the shift to PowerShell's object model feel disorienting, and how AI has quietly changed the way he approaches scripting today. The conversation takes a thoughtful turn as Andrew and Frank dig into impostor syndrome, the value of conference speaking, and how showing up consistently in the community compounds into a career. Frank also shares an update on DuPage Animal Friends, the nonprofit he serves, which supports one of the country's highest-performing open-admission animal shelters. Key Takeaways: The PowerShell pipeline is one of the most commonly cited stumbling blocks for newcomers, especially those coming from text-based scripting backgrounds. Learning to visualize what your objects look like at each stage of the pipeline, using tools like Get-Member, is a skill that pays dividends long term. Showing up at conferences and user groups, even when you feel underprepared, is how you build the reps that eventually make it feel natural. Frank's consulting background gave him a head start on presentation skills, and he's clear that no one is born polished. Community involvement and career growth are more connected than they might look from the outside. Engaging with people on GitHub, at events, and through open source creates a feedback loop that builds confidence and opens doors. Guest Bio: Frank Lesniak returns to The PowerShell Podcast, this time as a Microsoft MVP (Microsoft Azure, PowerShell). Frank is a Sr. 
Cybersecurity & Enterprise Technology Architect at West Monroe, where PowerShell runs through client work on corporate M&A: carve-outs, tenant-to-tenant migrations, identity consolidation, endpoint moves, and security posture improvement across Microsoft 365, Azure, Entra ID, Active Directory, Intune, Defender, and Windows. Beyond consulting, Frank speaks at technical conferences, mentors first-time speakers, and publishes open-source PowerShell standards and tooling, including PSStyleGuide, GloryRole, and PSConnMon. His public work threads least-privilege identity, cloud role mining, cross-platform observability, and high-quality AI-assisted development through standards, automated tests, and automated code quality reviews. Connect with Frank: https://linktr.ee/franklesniak Connect with Andrew: https://andrewpla.tech/links PSConnMon - PowerShell Network Monitoring - https://github.com/franklesniak/PSConnMon/ GloryRole - Automating Least-Privilege Azure and Entra ID Directory Roles - https://gloryrole.com PowerShell Style Guide - https://github.com/franklesniak/PSStyleGuide PowerShell Style Guide + Coding Agents Lightning Talk - https://github.com/devops-collective-inc/pshsummit26/tree/main/PowerShellStyleGuideForCodingAgentsAndHumans-Lesniak Coding Agent Accelerator Template Repo (Coming Soon!) - https://github.com/franklesniak/copilot-repo-template ProStateKit - the DSC v3-Intune Starter Kit - https://github.com/franklesniak/ProStateKit ProStateKit Promotional Commercial - https://www.youtube.com/watch?v=cA5vMH522F0 macOSLab - Automating Legit macOS VMs - https://github.com/franklesniak/macOSLab DuPage Animal Friends - https://www.dupageanimalfriends.org/ PDQ Discord: https://discord.gg/pdq The PowerShell Podcast: https://www.pdq.com/resources/the-powershell-podcast/ Previous episodes with Frank Lesniak: https://powershellpodcast.podbean.com/?s=Frank+Lesniak The PowerShell Podcast on YouTube: https://youtu.be/Eg-uEGaurmY
In this episode, host Andrew Pla sits down with Mark Littlefield, VP of Product at PDQ, for a wide-ranging conversation about product management, the PowerShell community, and what it looks like to deeply learn a technical domain when you're not coming from a traditional sysadmin background. Mark shares his journey from tech support to product management, what drew him to PDQ and the challenges facing IT admins, and what surprised him about PowerShell once he started paying close attention. The two also dig into the history behind PDQ Connect's PowerShell Scanner, how product teams learn from customers, the art of storytelling as a PM and sysadmin skill, and more. Key Takeaways: Product management and PowerShell automation share a core philosophy: solve problems at the root, not just on the surface. Whether you're writing a script or building a feature, the goal is to eliminate a challenge entirely rather than patch around it. Understanding your customer requires more than data — it requires immersion. Mark describes going deep into the sysadmin world through customer interviews, internal usage, and community engagement to truly understand the problems facing IT teams. Great storytelling is a transferable skill. Andrew draws a parallel between how Jeffrey Snover used the Monad Manifesto to get internal buy-in at Microsoft and how to use narrative to align teams and push ideas forward. Guest Bio: Mark Littlefield is the VP of Product at PDQ, where he leads product strategy and development for PDQ Connect and the broader PDQ product suite. With over 15 years of product management experience, Mark previously served as VP of Product Management at InsideSales.com, where he oversaw product management and design across the platform. He holds a Bachelor of Science in Information Systems with a focus on Business Intelligence from Utah Valley University and is based in Salt Lake City, Utah. 
Resource Links: PowerShell Event: https://www.pdq.com/save-time-with-powershell-pdq-connect/ PDQ Connect: https://www.pdq.com/pdq-connect/ PDQ PowerShell Scanners GitHub repository: https://github.com/pdqcom/PowerShell-Scanners The Monad Manifesto (Microsoft Learn): https://learn.microsoft.com/en-us/powershell/scripting/developer/monad-manifesto?view=powershell-7.5 Monad Manifesto blog post by Jeffrey Snover: https://devblogs.microsoft.com/powershell/monad-manifesto-the-origin-of-windows-powershell/ Mark Littlefield on LinkedIn: https://www.linkedin.com/in/mark-littlefield/ Connect with Andrew: https://andrewpla.tech/links PDQ Discord: https://discord.gg/pdq The PowerShell Podcast on YouTube: https://youtu.be/fo2V5LC-EZo
In the security news this week: FCC router bans and the hidden firmware update problem; Why extending support timelines actually improves security; GitHub supply chain concerns and the evolving SBOM ecosystem; CRA and NIS2 compliance deadlines are getting very real; The EU Cyber Resilience Act's 24-hour vulnerability disclosure requirement; Security regulation: vertical vs horizontal compliance models; Vehicle-to-load EV systems powering homes during outages; Solar, batteries, AI farms, and the future economics of electricity; Data centers consuming regional power grids; BitLocker "Yellow Key" fallout and large-scale remediation challenges; AI-generated PowerShell fixes and the rise of vibe scripting; Linux kernel exploits, module jail, and default deny strategies; Medical biometric data theft and why fingerprints are terrible passwords; Interpol cybercrime operations across the MENA region; OT security, connected vehicles, and accepting real-world risk. The crew also discusses threat intelligence obligations under the CRA, the operational realities of patching at enterprise scale, the economics of secure-by-default systems, and why making security cheaper than insecurity might finally move the industry forward. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-927
It's PowerShell After Dark. Recorded live at the PowerShell & DevOps Global Summit in Bellevue, Washington, host Andrew Pla takes his mic to the hotel bar for a series of candid conversations with attendees. The episode features four guests: Josh Gratton, an OnRamp scholarship recipient whose career pivot to junior systems engineer was fueled by PowerShell and the podcast; Mark Go, a first-time Summit speaker and attendee; Craig Mileham, a fellow podcast listener and Summit first-timer working in higher ed IT; and Matt Zaske, a longtime community member, conference speaker, and IoT enthusiast who ran a Home Assistant lightning demo. What connects all four conversations is the same thread Andrew keeps pulling on: community makes everything better. Beginners belong here. Reach out. Take the risk. Start now. Key Takeaways: The OnRamp scholarship program is genuinely life-changing for early-career IT professionals. Josh Gratton's story, from service desk to systems engineer to Summit attendee, is a direct line from PowerShell to career transformation, and it started with applying for a scholarship he poured his heart into. Showing up in person changes something. Every guest in this episode described the in-real-life version of the PowerShell community as warmer, more welcoming, and more accessible than they expected. The gap between "online community" and "your people" closes fast when you're in the same room. Reaching out is not just encouraged, it's the move. Andrew makes the case clearly: the people who message him, who post in Discord, who ask questions in public, those are the ones he sees succeed. Suffering in silence is optional. So is waiting. Guest Bios: Josh Gratton is an IT professional who made a mid-career pivot from 15 years in a different field to the service desk, then leveraged PowerShell automation to earn a promotion to his company's systems engineering team. 
A 2026 OnRamp scholarship recipient, Josh attended his first PowerShell & DevOps Global Summit in Bellevue and left planning to present at a future Summit and bring a colleague along next year. Mark Go is an IT professional and active member of the PDQ Discord community who attended the 2026 PowerShell & DevOps Global Summit. He served as Andrew's cameraman during the Summit's After Dark session and is known in the community for his IoT work, including speaking at Summit. He's a returning podcast guest and a PowerShell Wednesday and Summit speaker. Mark brings a hardware-forward perspective to PowerShell, with interests in soldering and embedded systems. Craig Mileham is a PowerShell Podcast listener and Summit first-timer who works for an MSP in the higher ed space. He attended this year's Summit to absorb as much as possible and left energized to build internal tools for his help desk team and share what he learned at PowerShell Wednesday. This guy is really awesome. Matt Zaske is an IT professional, conference speaker, and community member based in Minnesota. A regular presence at events like MMS, Matt is also an avid Home Assistant enthusiast who bridges the gap between PowerShell and IoT hardware. He ran a lightning demo at the 2026 Summit, taught attendees how to solder, and blogs regularly at mzonline.com. You can also find him on LinkedIn and Bluesky. 3D printing legend. GET ON HIS LEVEL. Resource Links: PowerShell & DevOps Global Summit: https://www.powershellsummit.org OnRamp Program and Scholarship: https://www.powershellsummit.org/on-ramp/ The PowerShell Podcast on PDQ.com: https://www.pdq.com/resources/the-powershell-podcast/ PDQ Discord (Learn PowerShell channel): https://discord.gg/PDQ PDQ Careers: https://www.pdq.com/jobs/ Connect with Andrew Pla: https://andrewpla.tech/links Matt Zaske's Blog: https://www.mzonline.com The PowerShell Podcast on YouTube: https://youtu.be/Y_GDB0e8xHY
If this also makes Antigravity easier to use, it will be unbeatable!
Jess Pomfret returns for her third appearance on the PowerShell Podcast and brings the same energy that keeps people coming back. She and Andrew cover a lot of ground, starting with her upcoming "Chase the Sun" charity cycling event where she'll attempt to ride 205 miles coast-to-coast across the UK in a single day, starting at sunrise on the longest day of the year and racing the sun to the finish line. It's a big undertaking, and she's riding to raise money for Momentum in Fitness, a charity her wife works for that brings fitness opportunities to older adults, kids in non-traditional school settings, and children with cancer. On the technical side, Jess makes the case for PowerShell splatting as an underrated beginner concept that makes code dramatically more readable. She walks through the idea of pulling parameters out of a long command line, organizing them into a hash table, and passing that hash table to the command instead. It's one of those things experienced scripters take for granted, but seeing it for the first time is genuinely useful. The conversation also gets into Desired State Configuration (DSC), where Andrew and Jess dig into what it is, how it works, and why it matters for sysadmins who want to maintain consistent configuration across their environments. Jess also opens up about managing a packed schedule between her day job, speaking, podcasting, LinkedIn Learning courses, and serious bike training. Her answer is honest and relatable: she's still figuring it out, but Todoist and a very supportive partner help a lot. Key Takeaways: Splatting is one of the most readable improvements you can make to your PowerShell code. Instead of chaining parameters into one long command, you load them into a hash table and pass that to your command with an @ symbol. Cleaner to write, easier to read, and especially useful when you're sharing code on a screen. 
DSC lets you define what a system should look like and PowerShell handles the work of getting it (and keeping it) there. It's a mindset shift from scripting manual steps to declaring an end state, and it's particularly powerful in large environments where consistency matters. Having a support system is one of the most underrated factors in being able to sustain a high-output career alongside community contributions. Whether it's people around you who help carry the load or finding your people in the data and PowerShell communities, you can't do it alone indefinitely. Guest Bio: Jess Pomfret is a Data Platform Engineer and a dual Microsoft MVP. She's been working with SQL Server since 2011, is a maintainer on the dbatools open source project, co-host of the Finding Data Friends podcast, and a LinkedIn Learning instructor. She grew up in the south-west of England and now lives in the US. Outside of tech, she's an avid cyclist, padel player, and a devoted fan of proper football. Resource Links: Connect with Jess on LinkedIn: https://www.linkedin.com/in/jpomfret Connect with Andrew: https://andrewpla.tech/links Jess's blog: https://jesspomfret.com Support Jess's Chase the Sun ride for Momentum in Fitness: https://www.justgiving.com/page/jess-pomfret Finding Data Friends podcast on YouTube: https://www.youtube.com/@findingdatafriends/videos dbatools – PowerShell module for SQL Server automation: https://dbatools.io Jess's previous episode on the PowerShell Podcast (Ep. 164): https://powershellpodcast.podbean.com/e/from-proper-football-to-databases-with-jess-pomfret/ Jess's first appearance on the PowerShell Podcast: https://powershellpodcast.podbean.com/e/dbatools-with-jess-pomfret/ Join the PDQ Discord: https://discord.gg/pdq The PowerShell Podcast on YouTube: https://youtu.be/M2XvvCKs1Ls
Hello friends! Picking up the AI-automation series from a couple weeks back — here's another batch of scripts and integrations that have been giving me precious minutes (and sanity) back. Yes, I had to upgrade to Claude Max. No, I'm not trying to automate myself out of a job — just freeing up bandwidth for the more interesting parts of work/life. QuickBooks invoice automation: Got tired of the eight-factor login plus click-fest just to send a few invoices. Now I run a PowerShell menu — type the client name, pick the project, enter the amount, hit Enter — done in ~30 seconds. The QuickBooks dev onboarding (security questionnaire, IP allowlist) was actually a bigger time sink than the script itself. Password Pusher API integration: A menu-driven PowerShell script that prompts for a label, pops an Explorer window to grab the files, optionally adds a password, then auto-drafts the client email with the secure link filled in. A few minutes saved each time, a couple times a day — adds up to some nice time saved! Basecamp + Claude: Linked Basecamp into a Claude project so I can ask plain-English questions like "what personal project tasks are due this month?" or just voice-note a new task while I'm in the car. Honestly the biggest win is anxiety reduction — once it's in Claude, it's out of my always-simmering pressure cooker of a brain. Blumira agent auto-installer for the GOAD lab: I revert the GOAD lab to vanilla a couple times a week, which means re-installing Blumira agents constantly to show clients the attack/defense telemetry side. Wrote a Kali-side script that uses NetExec over WinRM to check each box for the Blumira service and push the installer if it's missing. (Tried SMB exec first, but escaping got wonky on the PowerShell one-liner.) Bonus: Blumira's dashboard auto-removes agents that haven't phoned home in 24 hours, which is a perfect fit for a lab that's constantly getting nuked. Auphonic + API for podcast production: This one's a little meta. 
Old workflow: record → drag into Hindenburg/GarageBand → manually line up intro and outro → noise reduction → export. New workflow: one terminal script that previews the first and last few seconds so I can trim silence, ships the audio to Auphonic via API, and returns a cleaned-up, levels-corrected MP3 plus a full transcript and auto-generated chapter markers. (If your podcast app supports chapters (like Downcast) pop open this episode or #720 and you'll see them.) Next step: pipe the transcript straight into Claude for a show notes first draft. One quick personal note before I run: my oldest son just landed an EMT job with a great Minnesota medical network, and is wrapping up paramedic school in a few months. I cried some happy dad tears today.
Paula Kingsley, a senior IT leader, longtime consultant, automation and PowerShell enthusiast, eight-time Microsoft MVP for Exchange Server, and happy generalist, joins Andrew for a wide-ranging conversation about her tech journey and what it actually looks like to grow from deep hands-on work into technology leadership. They kick things off with a topic near and dear to a lot of PowerShell folks: the ISE-to-VS Code migration. Paula was terrified of it, put it off for as long as she could, and now uses VS Code every single day. From there, the conversation opens up into what consulting taught her about solving problems, how being a generalist can be a genuine advantage, why documentation and communication matter as much as technical skill, and what it means to keep the human side of technology alive as you move up. Paula also drops some solid practical PowerShell wisdom along the way, from always including WhatIf support in your functions to the very important reminder that Get is safe and Set is something else entirely. Key Takeaways: Making the jump from ISE to VS Code feels daunting, but the move is absolutely worth it. The secret is forcing yourself to open it first and just leaving it open until the habit takes hold. Being a generalist isn't a weakness. The ability to see across systems, communicate up and down, and translate technical work into business outcomes is a real and undervalued skill. Always build yourself an escape route. WhatIf and ShouldProcess aren't just best practices, they're the difference between a confident deployment and a very bad afternoon. Guest Bio: Paula Kingsley is an outcome-driven senior IT leader, technology operations and engineering expert, eight-time Microsoft MVP for Exchange Server, and self-described happy generalist. 
Her path into tech started with a liberal arts degree and eventually led through boutique IT consulting, enterprise infrastructure, global production operations, automation, cloud, AI, and a deep appreciation for PowerShell. Paula has built her career around solving problems, simplifying workflows, removing friction, and helping technical teams work better at scale. She is senior enough to shape strategy and steer practices, still hands-on enough to fix things herself, and yes, she even likes regex. You can find her on GitHub as lanwench and on LinkedIn. Resource Links: Paula Kingsley on LinkedIn – https://www.linkedin.com/in/paulakingsley/ Paula Kingsley on GitHub – https://github.com/lanwench Connect with Andrew – https://andrewpla.tech/links/ PDQ Discord – https://discord.gg/pdq The PowerShell Podcast on YouTube: https://youtu.be/WLNVCW7S8BE
Hey friends! Today's another Tales of Pentest Pwnage! Quick tangent first on a couple side projects: I've got a music thing at quack.house (like the duck noise, not the drug) and a podcast with my dancer son Atticus at DadOfADancer.com. Speaking of Atticus — he just landed a spot in Master Ballet Academy's summer program in Phoenix, and I am a very proud dance dad over here. OK, on to the pentest: A weird runas quirk: If your AD test account password ends in a percent sign, runas seems to misbehave (Claude thinks Windows is interpreting the % as a variable delimiter). Workaround: runascs.exe, which wraps your tool launch with creds inline. Worked like a champ — notes over on the 7MinSec.wiki. Standard first pass: PingCastle for the AD overview, then Snaffler for share crawling, with Chimas as a nicer web UI for searching the Snaffler JSON. The "Snaffler missed something" moment: Snaffler is great but it primarily uses pattern matching, so manual review of interesting directories still matters. I found a PowerShell script with a funky obfuscation routine, fed it to Claude for context, tracked down the function definition, and ended up decrypting a local admin password. Going loud: SMB-sprayed that cred across the subnets → handful of machines popped → ran a deeper, targeted Snaffler against just those boxes → enumerated sessions and spotted a domain admin interactively logged in. Plan A fizzled: Wanted to pull off a favorite trick — sneak in via WinRM and queue a scheduled task as the logged-in DA (no password needed). WinRM was disabled. Oh fart. Plan B — the "trap" file: Dropped a malicious .library-ms file directly into the DA's desktop folder. No clicks required — just the desktop being open is enough to trigger an HTTP coercion to my evil box. (Caveat: I think you need a DNS record or computer object that the victim box trusts as "intranet zone.") The escalation: Had ntlmrelayx standing by, ready to relay to LDAP on a DC. 
The coerced auth fired the moment the "trap" file landed on disk. An interactive LDAP shell fired in the DA's context, and I used it to add my low-priv account to the Domain Admins group. Defense angles: Rather than chase each technique individually (LDAP signing, web client GPOs, library-ms neutralization, etc.), I like to back up to the systemic fixes that break the chain earlier. Big ones here: deploy LAPS so a single decrypted local admin password isn't a master key everywhere, and a thorough sweep for sensitive data and custom obfuscation routines hanging out on shares. Got thoughts on any of this? Shoot 'em over — I always love hearing how you'd have tackled things differently.
While working with a customer recently, I heard this sentence: a tool is better than a script. The reference was that this customer preferred a known, tested, approved tool for most of their staff rather than a script built, lightly tested, and perhaps changeable by anyone in their organization. I was surprised, because in many ways, I've depended way more on scripts, more often, than "tools" in my career. Often I struggled to find tools that actually worked in the way I wanted them to and built them myself with Unix shell utilities, VB Script, PowerShell, or some combination of those or other technologies.
This episode of the PowerShell Podcast After Dark captures two candid bar-session conversations from the PowerShell and DevOps Global Summit, centered on community, career growth, and the real-world value of putting yourself out there. In the first segment, Josh Dearing talks about attending his first Summit, building PowerShell modules, learning from failure, and using automation to improve systems and processes in higher education. In the second, Jeff Wardlaw reflects on finally attending the event in person, the impact of meeting the people behind the tools and community, and the broader lessons around perspective, technical leadership, communication, and problem-solving. Across both conversations, the theme is clear, PowerShell is not just a toolset, it is a way into a generous technical community where curiosity, experimentation, and shared learning can meaningfully shape a career. The PowerShell Podcast on YouTube: https://youtu.be/NyT_A1hSH_M
Lucas Allman joins the PowerShell Podcast for a conversation that starts with practical beginner wins and builds into bigger questions about AI, learning, community, and career growth in IT. The episode covers hands-on PowerShell use cases like event logs, scheduled tasks, and writing functions directly in the terminal, then shifts into Lucas's experience as a first-time PowerShell Summit speaker and his evolving perspective on AI as a tool for both productivity and learning. It lands on a strong human note, with Lucas reflecting on impostor syndrome, keeping up with change, and why curiosity and community still matter just as much as technical skill. Key Takeaways: · Event logs are a great early PowerShell win. Lucas walks through using Get-WinEvent to explore logs, filter for errors, search messages, and troubleshoot faster without waiting on the Event Viewer GUI. He also shares a practical tip for reusing XML or XPath filters from Event Viewer inside PowerShell scripts. · You can do more from the terminal than most people realize. Lucas explains how he writes full functions directly in the interactive shell, then saves them with a custom helper function so good code does not disappear when the session closes. It is a simple idea, but it opens the door to faster experimentation and building tools in the flow of work. · AI is changing how technical people work, but not eliminating the need for judgment. A big part of the Summit discussion centered on using AI as a collaborator, not a replacement. Lucas argues that the real opportunity is to offload repetitive work, learn faster, and free up more time for higher-value problem solving, while still applying technical knowledge and critical thinking to the results. Guest Bio: Lucas Allman is an IT automation specialist with a passion for building practical, scalable solutions using PowerShell. 
With deep experience in endpoint management, configuration as code, and Microsoft cloud services like Intune and Graph API, Lucas focuses on making complex workflows maintainable, secure, and efficient. He's an advocate for knowledge sharing and enjoys helping others level up their scripting and automation skills through real-world examples and interactive problem-solving. He had ChatGPT write this bio and says it's close enough. Resource Links: · Lucas Allman website: https://lucasallman.com · Connect with Andrew: https://andrewpla.tech/links · PDQ Discord: https://discord.gg/PDQ · PowerShell.org GitHub organization: https://github.com/powershellorg The PowerShell Podcast on YouTube: https://youtu.be/kcjkCS0QN64
Take command of your full app layer in Microsoft Intune. Audit every managed and unmanaged app per device with full metadata — publisher, architecture, disk size, install location, uninstall command — to expose shadow IT before it spreads. Pull curated Win32 apps straight from the Enterprise App Catalog or upload PowerShell .ps1 scripts to control exactly how each app installs. Stage rollouts in rings with Deployment Plans, pause or cancel any deployment in flight, and auto-trust every app you push using App Control for Business with Managed Installer — extending the same trust to new device builds with Autopilot, now up to 25 apps. Keep your fleet current automatically as vendors publish new versions through the Enterprise App Catalog, or trigger updates on demand from the Guided Upgrade Supersedence report. Nicole Zhao, Microsoft Intune Product Manager, shares how to put these built-in enhancements to work across every managed device. *Intune Deployments is currently in private preview. Capabilities shown are subject to change and not yet generally available. Check out aka.ms/RSAC26-Intune-Blog from the RSA Conference for additional security context and guidance when managing apps with Microsoft Intune. ► QUICK LINKS: 00:00 - Built-in app management 00:51 - App Inventory Visibility 01:42 - Enterprise Application Management (EAM) 02:28 - PowerShell Script Installer GA 03:09 - Ring-Based Deployment Plans 04:44 - Managed Installer Auto-Trust 05:39 - Enterprise App Catalog Auto-Update 06:12 - Guided upgrade supersedence 06:50 - Wrap up ► Link References Check out https://aka.ms/IntuneAppManagement ► Unfamiliar with Microsoft Mechanics? As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. 
Bob uses AI tools with agentic capabilities and talks about how IT administrator tasks can be automated and managed, either by using AI to automate via PowerShell or by using tools such as Open Claw directly.
At the PowerShell and DevOps Global Summit, this after-dark bar session blends casual conversation with a real sense of why the event matters. Brian Quinn talks about returning for his second Summit, filling in PowerShell fundamentals, and bringing back practical skills like remoting, advanced functions, modules, testing, and version control to improve how his team handles identity and access management. Scott Lemonde reflects on what keeps drawing him back, not just the technical knowledge, but the community, the friendships, and the way Summit gives people confidence, perspective, and momentum in their careers. Across both conversations, the theme is clear: PowerShell is not just a tool, it is a shared journey of growth, automation, problem-solving, and finding your people in a field that can otherwise feel pretty isolating. See the PowerShell Podcast on YouTube: https://youtu.be/akrQSKoKjDI
This episode captures the energy of PowerShell Summit through two conversations, one with Gilbert Sanchez and one with Joshua Dearing. The discussion moves from open source maintenance and the future of PowerShell in AI workflows to the human side of technical communities, including burnout, neurodiversity, mentorship, and the value of showing up in person. It also highlights how PowerShell can change careers over time, not just by teaching syntax, but by opening doors to better communication, stronger community ties, and bigger technical thinking. Key Takeaways: · Community is often the unlock, not just the tooling. Both conversations reinforce that Summit's real value is the people, the hallway conversations, and the sense that learning gets easier when you have others around you who are willing to help. · Sustainable technical growth matters more than short bursts of output. Gilbert talks about burnout, open source maintenance, and creating healthier ways to contribute, while Andrew connects that to ADHD, mental health, and building a career that can last. · PowerShell is a starting point for much bigger opportunities. Joshua's story, from community member to module author, reflects a broader theme in the episode that small steps, taken consistently, can completely reshape what kind of work you can do and who you can become in the field. Guest Bio: Gilbert Sanchez is a Staff Software Development Engineer at Tesla, specifically working on PowerShell. Formerly known as "Señor Systems Engineer" at Meta. A loud advocate for DEI, DevEx, DevOps, and TDD. Resource Links: · PSake: https://psake.dev · Gilbert Sanchez links: https://links.gilbertsanchez.com · Gilbert Sanchez blog: https://gilbertsanchez.com Josh is a systems administrator with a philosophy degree and a helpdesk origin story. He's a speaker, open source contributor, creator of ModuleExplorer, and a PDQ Sysadmin Hall of Fame winner. 
He's a firm believer that the best script is the one you don't keep to yourself. · Joshua Dearing's website: https://dearing.dev The PowerShell Podcast on YouTube: https://youtu.be/XJAbZgOVMF4
With PowerShell + DevOps Global Summit 2026 opening this Monday, April 13th, this episode brings back one of the most respected names in the PowerShell community: Jeff Hicks. Andrew sits down with Jeff to dig into what makes the Summit special, the organic community that grew from those earliest events, and what it actually feels like to watch people go from struggling beginners to confident PowerShell practitioners. They also get into the big question hanging over everyone in IT right now: what does AI actually mean for the future of PowerShell professionals? Jeff shares his take on the "squishy bits" of scripting that AI still can't replicate, why learning the core PowerShell paradigm matters more than ever, and how he personally uses AI as a collaborator rather than a shortcut. It's a conversation about community, craft, and what it means to actually know your tools. Key Takeaways: Learn the foundation first, tools second. Jeff's consistent message over decades of teaching: don't start with Azure commands or specific modules. Start with the PowerShell paradigm — objects, the pipeline, managing at scale — and the rest becomes much easier to pick up over time. AI is a co-pilot, not a replacement. Jeff uses AI to get over specific technical hurdles, not to generate finished code. His concern isn't that AI will write bad scripts — it's that the next generation may skip the foundational learning that lets you recognize when AI gets it wrong. The PowerShell community is genuinely welcoming, and showing up matters. Whether it's Summit, a local user group, or Discord, getting into rooms with other PowerShell people can be a career changer. The hallway conversations are half the value. Guest Bio: Jeff Hicks is a veteran IT professional with 35 years of experience, a long-time Microsoft MVP, and one of the most recognized voices in the PowerShell community. 
He's the author and co-author of several foundational PowerShell books, a Pluralsight course creator, and the publisher of the premium newsletter Behind the PowerShell Pipeline. He's been teaching and writing about PowerShell since the very beginning and continues to focus on the human side of scripting — the parts that go beyond syntax and into craft. Resource Links: Jeff Hicks' hub (links to everything): https://jdhitsolutions.github.io Behind the PowerShell Pipeline (newsletter & book on Leanpub): https://leanpub.com/behind-the-pspipeline Jeff's Pluralsight courses: https://app.pluralsight.com/profile/author/jeff-hicks Connect with Andrew: https://andrewpla.tech/links PowerShell + DevOps Global Summit 2026 (April 13-16, Bellevue, WA): https://www.powershellsummit.org PDQ Discord (PowerShell scripting channel): https://discord.gg/pdq PowerShell Wednesday (weekly on PDQ's YouTube/Discord): https://www.youtube.com/watch?v=5vdfFswmREQ&list=PL1mL90yFExsix-L0havb8SbZXoYRPol0B&pp=0gcJCbcEOCosWNin The PowerShell Podcast on YouTube: https://youtu.be/ceB-3QGbvBA
Andrew welcomes back Dual MVP and Intune aficionado Hailey Phillips for a wide-ranging conversation covering her project IntuneStack, the value of DevOps principles in endpoint management, and the mindset behind consistent skill-building. The two dig into conference culture, the importance of community, mentorship, and why showing up every day — even for just ten minutes — matters more than waiting for inspiration to strike. Key Takeaways: IntuneStack in action: Hailey's CI/CD-influenced PowerShell project manages Intune policy deployment across dev, test, and prod groups using promotion gates rather than expensive separate tenants — a more resilient, consistent, and auditable approach to endpoint management. Consistency over inspiration: Whether it's PowerShell, the gym, or mentoring, Hailey's philosophy is the same: stop waiting to feel motivated and just start small. Ten minutes a day compounds over time, and momentum is something you build, not something you wait for. Community is a career asset: Conferences like PowerShell Summit and PSConfEU aren't just about the sessions — they're about building a support system. Having people who can sanity-check your thinking is one of the most underrated advantages in a tech career. Guest Bio: Hailey Phillips is a Systems Engineer, Microsoft MVP, and Professional Pokémon Trainer. She specializes in automation, endpoint management, and modern workplace strategy, bridging the gap between traditional IT and DevOps. Hailey's work focuses on building pragmatic, scalable solutions using tools like PowerShell, Microsoft Graph, Intune, and Azure Arc. When she's not deep in tech, you'll probably find her skiing in the Cascades, lifting heavy things, or at a metalcore show with a strong cup of coffee in hand. 
Resource Links: Intune Stack on GitHub - https://github.com/AllwaysHyPe/IntuneStack Practical Automation with PowerShell by Matthew Dowst - https://www.manning.com/books/practical-automation-with-powershell GliderUI Cross-platform GUIs - https://github.com/mdgrs-mei/GliderUI PDQ Discord - https://discord.gg/pdq Hailey Phillips Website - https://www.allwayshype.com/ Connect with Andrew - https://andrewpla.tech/links The PowerShell Podcast on YouTube: https://youtu.be/L97ePN7UtGY
Andrew welcomes back Morten Mynster for a follow-up conversation that's essentially a highlight reel of Morten's public journey over the past year. Morten shares updates on three PowerShell modules he's released, including his standout LeastPrivilegedMSGraph module, and walks through a security issue he discovered and responsibly reported to Microsoft. Along the way, Andrew and Morten reflect on how putting your work out publicly can lead to unexpected career wins, how AI is reshaping the way people learn and write code, and why getting hands-on is still the best way to actually understand anything. Morten is also two weeks into a new job as a cybersecurity consultant, which came directly from his open-source work. Key Takeaways: Publishing your work publicly, even to a small audience, creates opportunities that a resume never could. Morten landed a job offer without ever applying, simply because someone found his module on LinkedIn. The best way to learn something technical is still to get hands-on with it. Reading about it is rarely enough, whether that's PowerShell, APIs, or anything else in IT. AI is a powerful accelerator, but over-relying on it without a foundational understanding means you won't be able to fix things when they break, and you risk introducing security vulnerabilities you don't even recognize. Guest Bio: Morten Mynster is a cybersecurity consultant and an active member of the PowerShell and security community. Over the past year, he's published three PowerShell modules focused on Microsoft Graph permissions and actionable messages in Outlook, discovered and reported a security vulnerability to Microsoft, and begun public speaking. He blogs at mynster9361.github.io and is active on LinkedIn and Discord.
Resource Links: Andrew's Links: https://andrewpla.tech/links PDQ Discord: discord.gg/PDQ Morten's Blog: mynster9361.github.io Morten on LinkedIn: https://www.linkedin.com/in/mortenmynster/ Least Privileged MS Graph Module (GitHub): github.com/Mynster9361/Least_Privileged_MSGraph Actionable Messages Module (GitHub): github.com/Mynster9361/ActionableMessages Actionable Messages Module blog post: mynster9361.github.io/posts/ActionableMessagesModule PowerShell + DevOps Global Summit: powershellsummit.org PowerShell Conference Europe (PSConfEU): psconf.eu The PowerShell Podcast on YouTube: https://youtu.be/VIEbain7IIg
K-12 IT veteran Chris Thomas joins The PowerShell Podcast to share his 26-year journey in educational technology, from a high school IT internship to becoming an Endpoint Cloud Systems Architect supporting multiple school districts in Michigan. Chris discusses how PowerShell helped him automate identity management, investigate network incidents, and streamline large-scale IT operations across complex school environments. The conversation also dives into mentorship, Don Jones' influence through Be the Master, the value of community involvement, and the mental health challenges IT professionals face. Chris shares practical lessons on automation, presenting at conferences, overcoming imposter syndrome, and how putting yourself out there can open doors throughout your career. Key Takeaways: • PowerShell fundamentals unlock huge opportunities — learning commands like Get-Command, Get-Help, Get-Member, and Get-Module can help you explore and automate almost anything. • Automation is essential in resource-constrained environments like K-12 IT where staff wear many hats and must support large systems with limited manpower. • Community participation accelerates growth — presenting, attending conferences, and contributing scripts can build confidence, connections, and career momentum. Guest Bio: Chris Thomas is an Endpoint Cloud Systems Architect supporting multiple K-12 school districts in Michigan through a regional educational service agency. With more than two decades of experience in educational IT, Chris focuses on automation, endpoint management, and infrastructure architecture. He is an active contributor to the Michigan K-12 technology community, regularly presenting at conferences such as MAEDS and MMS/MOA, and sharing PowerShell scripts and tools through his GitHub projects. 
Resource Links: Chris Thomas GitHub – https://github.com/chrisATautomatemystuff Connect with Andrew - https://andrewpla.tech/links PowerShell App Deployment Toolkit – https://psappdeploytoolkit.com Learn PowerShell in a Month of Lunches – https://www.manning.com/books/learn-powershell-in-a-month-of-lunches PDQ Discord – https://discord.gg/PDQ MAEDS Conference – https://maeds.org MMS / MOA Conference – https://mmsmoa.com The PowerShell Podcast on YouTube: https://youtu.be/k4n6FWzDPUk
Big thanks to @ThreatLocker for sponsoring my trip to ZTW26 and also for sponsoring this video. To start your free trial with ThreatLocker please use the following link: https://www.threatlocker.com/davidbombal Discover how easily hackers prompt engineer malware in 2026. Kieran Human from ThreatLocker demonstrates bypassing Microsoft Copilot guardrails to write PowerShell ransomware. // Kieran Human's SOCIAL // LinkedIn: / kieran-human-5495ab170 // GitHub page REFERENCE // https://github.com/ztwAdmin/ZTW-2026 // MENU // 0:00 - Coming Up 0:17 - Intro 01:00 - Demo 01:37 - Sponsored by Threatlocker 01:55 - Demo continued 07:38 - Where to Find these Tools 08:38 - Disclaimer 09:33 - Outro Disclaimer: This video is for educational purposes only.
How do you find insecure permissions in Active Directory before they turn into attack paths? In this episode, we take a practical look at how to identify insecure Active Directory permissions using ADeleg, a free security tool trusted by penetration testers. Misconfigured delegation and overly permissive access rights are a common source of risk in Active Directory environments. These gaps can create hidden attack paths—but many teams don't know where to look or how to interpret what they're seeing. In this episode, we cover: • How to identify insecure permissions in Active Directory • What to look for in high-risk users and groups like Domain Users, Everyone, and Authenticated Users • How these misconfigurations translate into real-world attack paths • How to use ADeleg to analyze delegated permissions and uncover hidden risk We also include a reference to ADeleginator, a related tool that can help automate parts of this process using PowerShell. While this episode focuses on hands-on analysis with ADeleg, ADeleginator is a useful companion for scaling this work. Tools referenced: ADeleg: https://github.com/mtth-bfft/adeleg Blog: https://offsec.blog/ YouTube: https://www.youtube.com/@cyberthreatpov Twitter: https://x.com/cyberthreatpov Follow Spencer on social ⬇ Spencer's Links: https://spenceralessi.com Work with Us: https://securit360.com | Find vulnerabilities that matter, learn about how we do internal pentesting here.
Security professional Mason Moser joins The PowerShell Podcast to share his journey from discovering PowerShell through Learn PowerShell in a Month of Lunches to building real-world automation tools in a security environment. Mason talks about how starting slowly, returning to PowerShell after a break, and consistently building small tools helped him gain confidence and deepen his skills. The conversation also explores the value of community involvement, overcoming imposter syndrome, presenting technical topics publicly, and practical workflows for security and scripting. Mason discusses using Git with AI-assisted coding, building internal PowerShell tools for teams, and how small daily automation tasks can steadily build long-term PowerShell expertise. Key Takeaways: • Start small and stay consistent — even simple scripts like cleaning up files or automating routine tasks build real PowerShell confidence over time. • Community involvement accelerates learning — asking thoughtful questions, sharing tools, and participating in discussions can dramatically improve your growth. • Git is essential when working with AI-generated code — committing changes frequently makes it easier to review, rollback, and understand modifications AI tools produce. Guest Bio: Mason Moser is a security professional based in Oklahoma who focuses on automation, governance, and risk within the electric utility industry. With a background in programming and security operations, Mason uses PowerShell to build internal tooling, streamline security workflows, and improve operational efficiency. He is an active participant in the PowerShell community and recently presented a PowerShell Wednesday session on Vim and keyboard-driven development workflows. 
Resource Links: Learn PowerShell in a Month of Lunches – https://www.manning.com/books/learn-powershell-in-a-month-of-lunches PDQ Discord – https://discord.gg/PDQ Connect with Andrew - https://andrewpla.tech/links PowerShell Wednesdays – https://www.youtube.com/@PDQ Vim Editor – https://www.vim.org The PowerShell Podcast on YouTube: https://youtu.be/7EtWrrblKMw
A living off the land attack is one of the sneakiest techniques in a ransomware operator's playbook — and in this episode, Dr. Mike Saylor breaks down exactly what it is, how it works, and what your organization can actually do about it. Instead of bringing their own tools into your environment (which might trip your alarms), attackers just use what's already there. PowerShell. WMI. RDP. The same tools your admins run every single day. To your monitoring systems, it looks completely normal. That's the whole point. Mike and Curtis cover why attackers prefer your tools over their own, how recon can quietly run for 30 to 90 days before the attack goes loud, and what defenders can actually do about it — removing admin privileges, system hardening, golden images, application whitelisting, and free tools like Nmap and Wireshark. There's also a match.com story involving organized crime and a wooden casket on someone's front porch that you really don't want to miss. 0:00 - Intro 1:21 - Welcome and Book Announcement 3:28 - What Is a Living Off the Land Attack? 5:38 - Real-World Example: Conti Ransomware and WMI 8:12 - Why Attackers Use Your Tools Instead of Their Own 13:05 - Admin Privileges: Best Practice vs. Reality 17:31 - The Louvre Heist Analogy 20:08 - Recon Phase: Low and Slow 24:16 - What Defenders Can Do 25:55 - RDP and Remote Access 29:48 - The Recon Timeline: 30-90 Days 30:48 - PowerShell and System Hardening 34:10 - Network Discovery Tools (Nmap and Wireshark) 37:37 - Application Whitelisting and Geo IP Blocking 42:08 - Action Items and Wrap-Up
Interview with Anna Pham Breaking in with ClickFix: Anatomy of a modern endpoint attack Cybersecurity company Huntress just published a report on a new ClickFix variant they've discovered, which they've dubbed CrashFix. This technique was developed by KongTuke to serve as the primary lure within a new custom malicious browser extension also created by the group. In short, the team observed the threat actors using KongTuke's malicious browser extension to display a fake security warning, claiming the browser had “stopped abnormally” and prompting users to run a “scan” to remediate the threats. Upon “running the scan,” the user is presented with a fake “Security issues detected” alert and instructed to manually “fix” the issue by opening the Windows Run dialog, pasting from their clipboard, and pressing Enter. The malicious extension silently copies a PowerShell command to the clipboard, disguised as a legitimate repair command. From there, they execute the malicious command. Segment Resources: BLOG - Dissecting CrashFix: KongTuke's New Toy Interview with David Zendzian Continuous compliance and real security lifecycle management Supply chain attacks are not just on the rise; attackers are learning from the past, making these attacks even more effective and dangerous than before. It was just over a month ago when the Shai-Hulud attack first impacted NPM packages, forcing enterprises around the world into lockdown. While only 187 packages were compromised in that initial incident, it served as a wake-up call for many: an accurate inventory of systems is good, but a clear, real-time Software Bill of Materials (SBOM) for applications is non-negotiable. In this world of manifest based infrastructure and container based applications with (real) "devsecops", the dream of continuous upgrades of OS/Runtime/Stack/App and App Dependencies is very mature and there are solid examples of companies and federal entities managing this at scale without thousands of teams and people. 
Segment Resources: BLOG - Supply Chain Security: How accurate SBOMs can deliver proactive threat mitigation Interview with Jacob Horne CMMC Phase 1 Enforcement — What the November 10 Deadline Means for the Defense Supply Chain With the upcoming CMMC Phase 1 enforcement on November 10, cybersecurity teams across the defense and federal supply chain are facing new compliance requirements that directly affect contract eligibility and data-protection standards. Jacob Horne, Chief Cybersecurity Evangelist at Summit 7, can break down what this milestone means for enterprise security leaders, MSPs/MSSPs, and contractors preparing for audits. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-449
Returning guest and Microsoft MVP Jim Tyler joins The PowerShell Podcast to talk Zero Trust security, K–12 IT leadership, open-source tooling, and building technology that serves real-world needs. Jim shares how he uses PowerShell to proactively harden school environments, including his Ghost module for endpoint lockdown and his Chrome extension You Shall Not Pass for classroom device management. Beyond security, the conversation dives into Jim's assistive technology project TapSpeak, a free AAC communication app designed to help nonverbal students speak without financial barriers. From community leadership and public service to certifications and content creation, this episode explores how technical skills can scale far beyond scripts—and into meaningful impact. Key Takeaways: • Zero Trust starts with proactive hardening – Tools like Jim's Ghost module help limit lateral movement, restrict protocols, and reduce attack surfaces before incidents occur. • Technical skills are force multipliers – From Chrome extensions to iOS apps, PowerShell knowledge and coding fundamentals translate into broader impact across platforms. • Community contribution compounds over time – Whether serving on public boards, mentoring, or publishing tools for free, consistent service builds trust, opportunity, and long-term influence. Guest Bio: Jim Tyler is an IT Director for Niles Community Schools in Michigan and a Microsoft MVP known for practical automation and security tooling in K–12 environments. He is the creator of the Ghost PowerShell security module, the You Shall Not Pass Chrome extension, and the free AAC communication project TapSpeak. Beyond IT, Jim serves in multiple public leadership roles, coaches youth sports, and actively contributes to the PowerShell community through his newsletter PowerShell News and technical content. 
Resource Links: • PowerShell News Newsletter – https://powershell.news • Jim Tyler on YouTube – https://www.youtube.com/@jimrtyler • Connect with Andrew - https://andrewpla.tech/links • Ghost PowerShell Module – https://github.com/jimrtyler/ghost • You Shall Not Pass Chrome Extension – https://chromewebstore.google.com/detail/you-shall-not-pass-by-jim/efggnkbeomjjanjmghbadggegjemogee • TapSpeak – https://tapspeak.org • PDQ Discord – https://discord.gg/PDQ The PowerShell Podcast on YouTube: https://youtu.be/0q3Y0mMjWF4
Everyone's chasing the next big model drop.
Long-time Microsoft MVP and consultant Richard Hicks joins The PowerShell Podcast to talk about ADCS security, PKI misconfigurations, and why PowerShell is a consultant's ultimate force multiplier. Richard shares real-world stories from auditing enterprise certificate environments, explains how simple template mistakes can lead to full domain compromise, and walks through tools like Locksmith that help administrators quickly identify dangerous configurations. The conversation also explores Richard's open-source PowerShell work, including his widely downloaded Get-UEFICertificate script for Secure Boot certificate expiration issues and his new ADPrincipalCertificate module for cleaning up unnecessary certificates published in Active Directory. Along the way, Richard reflects on career growth, publishing, consulting, and why sharing knowledge openly has been one of the biggest drivers of his long-term success. Key Takeaways: • ADCS is easy to deploy but difficult to secure — Misconfigured certificate templates, especially ESC1 scenarios, can allow instant privilege escalation and domain compromise. • PowerShell turns repetitive work into reusable tools — From UEFI certificate auditing to Active Directory cleanup, scripting creates consistency and prevents human error. • Sharing expertise compounds over time — Blogging, publishing modules, and speaking at conferences builds credibility, community, and long-term career momentum. Guest Bio: Richard Hicks is the founder and principal consultant of Richard M. Hicks Consulting, Inc. A Microsoft MVP with over 30 years of experience, he specializes in secure remote access and PKI, helping organizations deliver secure, high-performing access for today's mobile workforce. 
Resource Links: Richard Hicks Website – https://richardhicks.com Connect with Richard – https://richardhicks.com/connect Connect with Andrew: https://andrewpla.tech/links Get-UEFICertificate Script – https://www.powershellgallery.com/packages/Get-UEFICertificate ADPrincipalCertificate Module – https://www.powershellgallery.com/packages/ADPrincipalCertificate Locksmith ADCS Audit Tool – https://github.com/jakehildreth/Locksmith PDQ Discord – https://discord.gg/PDQ PowerShell Wednesdays – https://www.youtube.com/watch?v=Oa0GYX9_vj8&list=PL1mL90yFExsix-L0havb8SbZXoYRPol0B&pp=sAgC The PowerShell Podcast on YouTube: https://youtu.be/4HYCAjQS2W8
In this episode of The PowerShell Podcast, Andrew Pla sits down with Pablo Correchel, an early-career IT professional who is publicly documenting his PowerShell and learning journey. Just one year into his first help desk role while studying cybersecurity, Pablo shares how consistent practice, sharing what you learn, and embracing beginner questions have accelerated his learning. The conversation explores escaping “tutorial hell,” using AI as a learning tool instead of a shortcut, understanding objects and the pipeline, and why putting yourself out there is one of the fastest ways to grow in tech. This episode is a reminder that you don't have to be an expert to contribute... You just have to start. Key Takeaways: • Learning in public accelerates growth – Sharing small wins and exercises builds confidence, invites mentorship, and creates unexpected opportunities. • Understand the fundamentals deeply – Concepts like objects, the pipeline, Get-Help, Get-Member, and Get-Command form the foundation for long-term PowerShell success. • Use AI strategically – Treat AI as a tutor that challenges you, not a script generator that robs you of learning. Guest Bio: Pablo Correchel is an IT support professional based in Florida and a cybersecurity student at St. Petersburg College. With interests spanning cybersecurity, coding, cloud, and Windows environments, Pablo represents the next generation of IT professionals building skills through curiosity, consistency, and community. Resource Links: • Pablo Correchel on LinkedIn – https://www.linkedin.com/in/pablocorrechel • Connect with Andrew - https://andrewpla.tech/links • PDQ Discord – https://discord.gg/PDQ • Learn PowerShell in a Month of Lunches – https://www.manning.com/series/learn-powershell-in-a-month-of-lunches • PowerShell Wednesdays – https://www.youtube.com/watch?v=YdV6Qecn9v0&list=PL1mL90yFExsix-L0havb8SbZXoYRPol0B • The PowerShell Podcast on YouTube – https://youtu.be/JXgEwLfvwkk
On this episode, I go into several stories related to criticism of European Commission regulations, various security-related stories, upcoming enhancements for PowerShell and much more! Reference Links: https://www.rorymon.com/blog/criticisms-of-eu-regulations-increase-new-script-library-feature-for-defender-it-nightmare-story/
In this episode of The PowerShell Podcast, Andrew Pla is joined by Tara, a longtime IT professional who has officially started her PowerShell learning journey. Tara shares her honest experience transitioning from a GUI-first mindset to learning PowerShell fundamentals, including objects, verb-noun commands, variables, pipelines, and error messages. The conversation captures the real emotions of learning something new later in a career—confusion, frustration, breakthroughs, and growing confidence. The episode also explores learning strategies like daily practice, flashcards, typing commands instead of copying, and asking “beginner” questions without fear. Andrew and Tara emphasize the importance of community, mentorship, growth mindset, and psychological safety, encouraging listeners that learning PowerShell doesn't require perfection—just consistency, curiosity, and support. Key Takeaways: Learning PowerShell deepens your understanding of IT as a whole, not just scripting, especially through concepts like objects, properties, and methods. Consistency beats intensity — small daily practice, repetition, and typing commands manually build real confidence over time. Community changes everything — asking questions, sharing struggles, and learning publicly makes progress faster and far more enjoyable. Guest Bio: Tara Sinquefield is an experienced IT professional and PDQ team member who is publicly documenting her PowerShell learning journey. Known for her honesty, curiosity, and willingness to ask the questions others may be afraid to ask, Tara represents the many IT pros who are discovering PowerShell later in their careers. Her journey highlights how learning fundamentals can unlock deeper technical understanding, confidence, and new opportunities. 
She is also a host of PDQ Live every week. Resource Links: PDQ Discord – https://discord.gg/PDQ Tara's LinkedIn - https://www.linkedin.com/in/tara-sinquefield-894a1a215/ Connect with Andrew - https://andrewpla.tech/links Tara Writes Her First Script: https://www.youtube.com/watch?v=Oa0GYX9_vj8 PowerShell Conference Europe – https://psconf.eu PowerShell + DevOps Global Summit – https://powershellsummit.org The PowerShell Podcast on YouTube: https://youtu.be/ZaPoS4mGW7s
Welcome to Episode 421 of the Microsoft Cloud IT Pro Podcast. In this episode Ben sits down for a conversation with Frank Lesniak, the lead of the Microsoft 365 team at West Monroe. In this episode, they dive into the intricacies of mergers and divestitures within Microsoft 365 environments. They discuss the initial due diligence phase, planning and approach, building and configuring new environments, and the final migration and cutover phase. Frank shares insights on common challenges such as integration of different licensing models, the handling of workstations and applications, and the importance of security assessments. The episode provides a detailed look at the methodology and tools used by Frank’s team to streamline these complex processes. Show Notes: Frank Lesniak on LinkedIn; West Monroe; Frank Lesniak Github; Microsoft 365 tenant-to-tenant migrations; Microsoft 365 inter-tenant collaboration; Tenant life cycle considerations in multitenant solutions. Guest Bio: Frank Lesniak is a Sr. Cybersecurity & Enterprise Technology Architect at West Monroe with nearly 20 years of experience leading consulting engagements involving Microsoft infrastructure technology. His expertise spans modern cloud systems like Azure, Microsoft 365, and Entra ID to classic platforms like Windows Server, Active Directory, and SQL Server. His recent focus has been on Microsoft platform cybersecurity and automating technical processes using PowerShell. In his role, Frank establishes technical project methodologies, leads teams, automates associated processes, and creates internal software products at West Monroe and in the open-source community.
Agents will soon retrieve data from MCP servers and offer formatting options you can interact with. The Copilot "preview pane" opens Word, Excel, and PowerPoint alongside your M365 Chat results. Viva Engage introduces a way to hide your colleagues' messages from your feed. What else landed this week? 0:00 Welcome 1:55 Open Word, Excel, and PowerPoint Files in Microsoft 365 Copilot Chat - MC1225199 4:03 Microsoft Teams: Teams Live Events is retiring - MC1226495 8:17 Enhancing Model Context Protocol (MCP) based agents with rich interactive UI widgets support - MC1227627 14:00 Viva Engage: New option to hide a user's messages - MC1226225 21:11 Drawn electronic signatures with eSignature for Microsoft 365 - MC1225195 24:09 Change meeting organizer via PowerShell cmdlet in Exchange Online - MC1227623
Microsoft MVP Harm Veenstra, creator of PowerShellIsFun.com, joins The PowerShell Podcast to talk about productivity, consistency, and why PowerShell really is fun. Harm shares how blogging regularly helped accelerate his learning, improve his workflow, and deepen his connection to the community. He also discusses his recent transition to macOS, how he uses PowerShell across Mac, Linux, and Windows, and why modern PowerShell is far more cross-platform than many people realize. The conversation dives into VS Code extensions, GitHub Codespaces, WSL, Nerdfonts, and practical terminal setups, along with honest thoughts on AI-generated scripts, learning the hard way, and why asking questions publicly is one of the fastest paths to growth. Key Takeaways: Consistency beats perfection – Having a repeatable workflow for writing, scripting, or learning makes long-term progress almost automatic. PowerShell is truly cross-platform – Running PowerShell on macOS, Linux, WSL, and containers unlocks powerful workflows beyond Windows-only thinking. Community accelerates everything – Asking questions, sharing small discoveries, and contributing publicly leads to faster learning, confidence, and career growth. Guest Bio: Harm Veenstra is a Microsoft MVP, consultant, blogger, and community contributor best known for PowerShellIsFun.com, where he publishes frequent, practical PowerShell content. He is an active participant in the PowerShell community and a regular conference attendee and speaker. 
Resource Links: PowerShell Is Fun – https://powershellisfun.com Connect with Andrew - https://andrewpla.tech/links Install Nerdfonts with PowerShell – https://powershellisfun.com/2026/01/30/install-nerdfonts-using-powershell/ GitHub Codespaces – https://github.com/features/codespaces PowerShell Conference Europe – https://psconf.eu PDQ Discord – https://discord.gg/PDQ Fred's Module Building PS Wednesday – https://www.youtube.com/watch?v=ZAjtbZktL8w The PowerShell Podcast on YouTube: https://youtu.be/V6kWnmrHOms
Recently retired PowerShell icon Don Jones joins The PowerShell Podcast for a wide-ranging conversation on career ownership, community leadership, and building a life that aligns with what you actually value. Don reflects on the difference between your job and your career, why investing in yourself pays off, and how asking better questions can change the way you influence decisions at work. The episode also dives into Don's journey as a fiction author, his role in shaping the PowerShell community and Summit culture, and why real success comes from clarity, kindness, and helping others win. Key Takeaways: • Your employer owns your job, but you own your career—define your destination and build the skills to get there. • Strong careers are built on outcomes, not tools—focus on saving time, reducing errors, and delivering measurable business value. • Community scales when you empower others—create space for people to contribute, own wins, and multiply the impact beyond yourself. Guest Bio: Don Jones is a foundational figure in the PowerShell community, known for his decades of teaching, writing, and advocacy for automation and professional growth. A former Microsoft MVP, Don co-authored the widely influential Learn PowerShell in a Month of Lunches series and helped shape community culture through conferences, mentorship, and leadership. Now retired from full-time work, Don continues writing and publishing fiction, bringing the same clarity and craft to storytelling that made his technical teaching so impactful. 
Resource Links: • Don Jones Website and Books – https://donjones.com Andrew's links: https://andrewpla.tech/links • PowerShell + DevOps Global Summit – https://powershellsummit.org • Tech Impact (nonprofit mentioned) – https://techimpact.org • PowerShell.org – https://powershell.org • PDQ Discord – https://discord.gg/PDQ • PowerShell Wednesdays – https://www.youtube.com/results?search_query=PowerShell+Wednesdays The PowerShell Podcast on YouTube: https://youtu.be/xKh8rqCqMQg
After two months of accumulated Qs, we felt we still had plenty of As to dispense, so we're wheeling back around to a supplemental questions episode this week, touching on such topics as generating negative mileage in an EV, what the iOS low battery mode actually does, tiny network racks for your desk, a shocking amount of discussion about shells like zsh, fish, PowerShell and Nushell, the whereabouts of Intel's successor to the Alder Lake-N... and, for that matter, why (nearly) everything at Intel is a Lake. The Voyager documentary It's Quieter in the Twilight: https://www.youtube.com/watch?v=RIP1p5gAoak Support the Pod! Contribute to the Tech Pod Patreon and get access to our booming Discord, a monthly bonus episode, your name in the credits, and other great benefits! You can support the show at: https://patreon.com/techpod
Business Process Automation has been around a long time - what are the latest approaches? Richard talks to Ian Cooper about his work building BPA workflows in organizations - starting on paper or a whiteboard to make sense of the process before bringing tools into the equation. Ian talks about building repeatable workflows that are well-documented and source-controlled, typically through GitHub. As workflows get more complex, you'll need orchestration engines that can handle failures and provide telemetry to identify when and where things go wrong. And make sure you let users know how things are going - or they will worry! Links: Kafka, Durable Functions, GitHub Actions, Temporal, Pulumi, OpenTelemetry. Recorded December 5, 2025
Microsoft Defender is often treated as “good enough” security—built in, always on, and quietly doing its job. But what happens when malware convinces Windows to turn it off without triggering alarms? In this episode, cybersecurity expert Tyler Mofitt breaks down a real-world Windows malware campaign that disables Defender before anything else happens. No zero-days. No flashy exploits. Just a quiet abuse of built-in trust that causes Windows to set aside its own protection. He walks through how shortcut files, PowerShell, and legitimate cloud services are used to blend into normal activity, why Defender doesn't fail so much as follow the rules, and what defenders should be watching for when “installed” doesn't always mean “active.” A conversation about assumptions, visibility, and why the most dangerous attacks don't look dangerous at all. Link mentioned in the episode: threat intel hub with all the latest trends and stories going on with threat intelligence. https://community.opentextcybersecurity.com/ Get in touch via reimaginingcyber@gmail.com
Newly minted Microsoft MVP David Sass joins The PowerShell Podcast to talk about PowerShell notebooks, terminal tooling, and making automation approachable for teams that are hesitant to touch the console. David shares how he uses Jupyter/PowerShell notebooks as a practical “click-to-run” interface for colleagues, helping them safely run approved automation while keeping the logic documented, repeatable, and under source control. The conversation also dives into incident response automation, David's journey from SharePoint engineering into security, and the surprising ways PowerShell can be used across Windows, cloud, and even Raspberry Pi lab clusters—while still staying focused on knowledge-sharing and building systems that don't depend on one person. Key Takeaways: • Notebooks can remove friction for teams — combining documentation, code, and saved output creates a safer way for others to run automation without needing deep PowerShell confidence. • PowerShell scales incident response workflows — David explains how notebooks can log in, pull incidents, enrich data, and even auto-close noise, reducing UI-click fatigue for analysts. • Teaching makes you promotable — sharing knowledge reduces dependency on you, strengthens the team, and makes it easier for a business to grow your role without risk. Guest Bio: David is a Microsoft MVP and highly skilled SharePoint Guy who is focusing on Automation, Compliance, Security, Operational Excellence, Quality Assurance and hacking the unexpected out from the technology stack. 
Resource Links: David's link hub – https://davidsass.io/ Andrew's links - https://andrewpla.tech/links PowerShell Spectre Console – https://pwshspectreconsole.com/ PowerShell Wednesdays – https://www.youtube.com/results?search_query=PowerShell+Wednesdays PDQ Discord – https://discord.gg/PDQ ClockworkPi (the handheld device shown/discussed) – https://clockworkpi.com The PowerShell Podcast on YouTube: https://youtu.be/Y03EJYpZczo
Today we are joined by Ben Folland, Security Operations Analyst from Huntress, discussing their work on "ClickFix Gets Creative: Malware Buried in Images." This analysis covers a ClickFix campaign that uses fake human verification checks and a realistic Windows Update screen to trick users into manually running malicious commands. The multi-stage attack chain leverages mshta.exe, PowerShell, and .NET loaders, ultimately delivering infostealers like LummaC2 and Rhadamanthys, with payloads hidden inside PNG images using steganography. While technically sophisticated, the campaign hinges on simple user interaction, underscoring the importance of user awareness and controls around command execution. The research can be found here: ClickFix Gets Creative: Malware Buried in Images
In this episode of Technology Tap: CompTIA Study Guide, we explore how proactive detection surpasses reactive troubleshooting in cybersecurity. For those preparing for their CompTIA exam, understanding the subtle clues and quiet anomalies attackers leave behind is essential for developing strong IT skills and excelling in tech exam prep. We dive deep into the critical indicators that help you detect security compromises early, providing practical knowledge essential for your technology education and IT certification journey. Join us as we equip you with expert insights to sharpen your detection abilities and enhance your competence in protecting systems effectively. We walk through the behaviors that matter: viruses that hitch a ride on clicks, worms that paint the network with unexplained traffic, and fileless attacks that live in memory and borrow admin tools like PowerShell and scheduled tasks. You'll learn how to spot spyware by the aftermath of credential misuse, recognize RATs and backdoors by their steady beaconing to unknown IPs, and use contradictions—like tools disagreeing about running processes—as a signal for rootkits. We also draw a sharp line between ransomware's loud chaos and cryptojacking's quiet drain on your CPU and fan. Zooming out, we map network and application signals: certificate warnings and duplicate MACs that hint at man-in-the-middle, DNS mismatches that suggest cache poisoning, and log patterns that betray SQL injection, replay abuse, or directory traversal. Along the way, we talk about building Security+ instincts through scaffolding—A+ for OS and hardware intuition, Network+ for protocol fluency, and Security+ for attacker behavior—so indicators make sense the moment you see them. If you want a sharper eye for subtle threats and a stronger shot at your Security+ exam, this guide will train your attention on the tells adversaries can't fully hide. 
Subscribe, share with a teammate who handles triage, and leave a review with your favorite indicator to watch—we'll feature the best ones in a future show. Art by Sarah/Desmond. Music by Joakim Karud. Little chacha Productions. Juan Rodriguez can be reached at: TikTok @ProfessorJrod, ProfessorJRod@gmail.com, @Prof_JRod, Instagram ProfessorJRod
Matthew Gill joins The PowerShell Podcast to talk about what it means to be a Site Reliability Engineer (SRE) and how SRE thinking changes the way you approach automation, reliability, and problem solving. Matthew and host Andrew Pla break down core concepts like SLAs, SLOs, and SLIs, and why reliability through planning matters more than rushing straight to the keyboard. They also dig into why PSFramework is worth the dependency for enterprise-grade logging and configuration, how community mentorship (including Fred Weinmann's impact) can fast-track growth, and why books like The Phoenix Project are game-changing for understanding DevOps culture and constraints. Key Takeaways: • SRE is software engineering applied to operations — focus on measurable reliability, proper planning, and balancing change with stability using concepts like SLAs, SLOs, and SLIs. • PSFramework can eliminate “reinventing the wheel” — especially for logging and configuration handling, giving enterprises proven patterns and integrations without custom-built fragility. • Community is a career multiplier — mentorship, learning in public, and teaching others are some of the fastest ways to build confidence and advance your PowerShell journey. Guest Bio: Matthew Gill is a Site Reliability Engineer and is the Co-Director of Content for the PowerShell + DevOps Global Summit. He has been a problem solver, systems administrator, and scripter for nearly 20 years. 
From working in the United States Marine Corps, education, radio, and currently the private sector, the majority of Matt's experience has been focused on solving problems in a variety of interesting and creative ways. Resource Links: PowerShell + DevOps Global Summit – https://powershellsummit.org The Phoenix Project (Book) – https://itrevolution.com/product/the-phoenix-project/ The Unicorn Project (Book) – https://itrevolution.com/product/the-unicorn-project/ PSFramework – https://github.com/PowershellFrameworkCollective/psframework Matthew Gill's Blog – https://therealgill.com Andrew's Links - https://andrewpla.tech/links PDQ Discord – https://discord.gg/PDQ PowerShell Wednesdays – https://www.youtube.com/results?search_query=PowerShell+Wednesdays The PowerShell Podcast on YouTube: https://youtu.be/vkOLsjsPvYo
AI tools continue to evolve - what can we do with them today? Richard chats with Cecilia Wirén about her experiences using the latest AI tools to support DevOps workflows, diagnostics, and the crafting of new scripts. Cecilia focuses on tools that can help admins who occasionally work on scripts, including getting into a GitHub workflow to track prompts and results generated by LLMs, so you can always revert and learn from various approaches to interact with these new tools. The tools continue to evolve; it's worth looking at the latest features and models! Links: Azure SRE Agent, Microsoft Security Copilot, GitHub Copilot, Awesome Copilot, Copilot Extensions. Recorded December 3, 2025
Distinguished Software Engineer Ryan Spletzer joins The PowerShell Podcast to talk about building a long-term career in tech through curiosity, continuous learning, and strong community connections. Ryan shares how PowerShell helped shape his path from early work in SharePoint, automation, and identity management to leading AI initiatives at Autodesk, where his team built an internal ChatGPT-style solution using Azure OpenAI before enterprise ChatGPT options existed. They also dig into AI-assisted coding, mentorship, and how foundational software engineering skills still matter more than ever. Ryan offers practical guidance for using AI tools responsibly, overcoming imposter syndrome, and growing by learning adjacent domains like authentication, networking, and data engineering. Key Takeaways: • AI is a force multiplier for experienced engineers, but mentorship is critical to help early-career engineers learn how to ask the right questions and avoid “blind troubleshooting.” • Breadth matters as you level up. Understanding adjacent domains and collaborating well with others becomes a key differentiator at senior and staff levels. • PowerShell remains a career accelerator. Ryan explains how PowerShell led him into infrastructure automation, identity, and modern auth—and why it's still his go-to tool for quick, high-impact scripting today. Guest Bio: Ryan Spletzer is a Distinguished Software Engineer at Autodesk, where he works in an internal organization focused on AI, data, and automation. With a background spanning SharePoint development, .NET engineering, identity systems, and enterprise automation, Ryan has spent years building tools that scale across organizations. He's also a strong advocate for continuous learning and mentorship. 
Resource Links: Ryan links - https://www.spletzer.com/about/ Ryan's blog - https://www.spletzer.com/ Andrew's links - https://andrewpla.tech/links PDQ Discord – https://discord.gg/PDQ PowerShell Wednesdays – https://www.youtube.com/playlist?list=PL1mL90yFExsix-L0havb8SbZXoYRPol0B The PowerShell Podcast on YouTube: https://youtu.be/ryZ7OdvCNZo
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Hunting for SharePoint In-Memory ToolShell Payloads A walk-through showing how to analyze ToolShell payloads, starting with acquiring packets all the way to decoding embedded PowerShell commands. https://isc.sans.edu/diary/%5BGuest%20Diary%5D%20Hunting%20for%20SharePoint%20In-Memory%20ToolShell%20Payloads/32524 Android Security Bulletin December 2025 Google fixed numerous vulnerabilities with its December Android update. Two of these vulnerabilities are already being exploited. https://source.android.com/docs/security/bulletin/2025-12-01 4.3 Million Browsers Infected: Inside ShadyPanda's 7-Year Malware Campaign A group or individual released several browser extensions that worked fine for years until an update injected malicious code into the extension https://www.koi.ai/blog/4-million-browsers-infected-inside-shadypanda-7-year-malware-campaign