Cross-platform command-line interface and scripting language for system and network administration
Maxime Lamothe-Brassard, Founder and CEO of LimaCharlie, and the Defender Fridays community sit down with Jared Atkinson and dive into BloodHound. Jared is a security researcher who specializes in Digital Forensics and Incident Response. Recently, he has been building and leading private sector Hunt Operations capabilities. In his previous life, Jared led incident response missions for the U.S. Air Force Hunt Team, detecting and removing Advanced Persistent Threats on Air Force and DoD networks. Passionate about PowerShell and the open source community, Jared is the lead developer of PowerForensics, Uproot, and maintains a DFIR focused blog at www.invoke-ir.com. On Defender Fridays we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands. Join the live discussions by registering at https://limacharlie.io/defender-fridays
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Interesting Technique to Launch a Shellcode Xavier came across malware that uses PowerShell and the CallWindowProcA() API to launch code. https://isc.sans.edu/diary/Interesting%20Technique%20to%20Launch%20a%20Shellcode/32238 NX Compromised to Steal Wallets and Credentials The popular open source NX build package was compromised. Code was added that uses the help of AI tools like Claude and Gemini to steal credentials from affected systems. https://semgrep.dev/blog/2025/security-alert-nx-compromised-to-steal-wallets-and-credentials/ Countering Chinese State-Sponsored Actors Compromise of Networks Worldwide to Feed the Global Espionage System Several law enforcement and cybersecurity agencies worldwide collaborated to release a detailed report on the recent Volt Typhoon incident. https://www.cisa.gov/news-events/cybersecurity-advisories/aa25-239a
In this episode of the PowerShell Podcast, we're live from TechMentor at the Microsoft campus with two incredible guests: longtime advocate, educator, and PM on the PowerShell team at Microsoft - Jason Helmick and newcomer Troy Brown. This special episode captures the heart of community, innovation, and the transformative power of PowerShell—from seasoned insight to beginner breakthroughs. Jason drops serious knowledge on two game-changing technologies: AI Shell: Think ChatGPT, but built directly into your terminal. Learn how it enhances shell UX, assists with command building, explains parameters, and keeps you focused without switching contexts. DSC v3 (Desired State Configuration): Now fully cross-platform and decoupled from PowerShell, DSC v3 is lighter, more extensible, and suitable for everything from servers to IoT. Jason walks us through the evolution, real-world use cases (like flipping Windows from dark mode to light mode!), and what's next for the configuration platform. Highlights: Microsoft's hidden campus lore, including a piece of the Berlin Wall! 
The evolution of PowerShell ReadLine and its impact on productivity AI Shell's support for OpenAI, Azure Copilot, ollama, Gemini, and even custom agents Exporting configs from existing machines—a long-awaited DSC feature Why DSC v3 might be the most developer- and sysadmin-friendly release yet The cultural backbone of the PowerShell team: being “scrappy” and driven by customer success Troy Brown's First TechMentor Experience First-time conference-goer Troy Brown shares his experience diving into PowerShell: How a PowerShell workshop with Sean Wheeler, Steven Judd, and Jason Helmick helped him finally understand modules The journey from using PDQ to push basic PowerShell scripts to deeper automation potential Navigating the learning curve with community support His message to fellow newcomers: “Don't take things personally, and embrace the journey.” Resource Links: DSC v3 on GitHub Leanpub DSC v3 Book by Gijs https://leanpub.com/thedscv3handbook The Phoenix Project (book) (a must-read for IT pros) https://www.amazon.com/Phoenix-Project-DevOps-Helping-Business/dp/0988262592 https://discord.gg/pdq The PowerShell Podcast on YouTube: https://youtu.be/_f5oYxzkinI The PowerShell Podcast Hub: https://pdq.com/the-powershell-podcast
In this episode, Andrew catches up with Sean Wheeler and James Petty live from TechMentor. What starts as casual conversation about conference camaraderie turns into a rich discussion on learning PowerShell, building effective profiles, AI-assisted scripting, module recommendations, and what's next for the PowerShell Summit. Whether you're new to PowerShell or a seasoned scripter, this episode offers insights, laughs, and actionable advice. Plus, we finally settle (sort of) whether the VS Code sidebar belongs on the left or the right. Key Takeaways You don't need to learn everything. Just understand the ecosystem and build your learning map. Create your PowerShell profile now—it's an easy win with huge productivity returns. AI is a tool, not a crutch. Use it wisely and validate the results. Get involved in the community. It will accelerate your learning and broaden your opportunities. Shoutouts & Links https://powershell.org https://www.youtube.com/c/PowerShellOrg https://discord.gg/pdq The PowerShell Podcast on YouTube: https://youtu.be/hr59kahksIM
Are you tapping the power of Microsoft Graph? Richard chats with Tony Redmond about his work teaching people to leverage Microsoft Graph and all the insights it can provide about their organization. Tony views Graph as one of the key skills a sysadmin needs to manage an M365 tenant, alongside Exchange Online, SharePoint, and Teams. Throw in some Entra ID skills with Graph and you're ready to take on the rest - and there's a lot! Tony is also responsible for the excellent Office 365 for IT Pros book, now in its 12th edition for 2026. These are the fundamentals that can help you embrace the Copilot future we're all facing - and there's a lot to learn! Links: Graph PowerShell SDK, Azure Automation, Office 365 for IT Pros 2026 Edition, Maester, Agent Governance in M365, Secure Future Initiative, Linkable Identifiers in Microsoft Entra. Recorded July 24, 2025
In this high-energy episode, returning guests Gilbert Sanchez and Jake Hildreth join Andrew for a deep dive into: Module templating with PSStucco Building for accessibility in PowerShell Creating open source GitHub orgs like PSInclusive How PowerShell can lead to learning modern dev workflows like GitHub Actions and CI/CD What begins with a conversation about a live demo gone hilariously sideways turns into an insightful exploration of how PowerShell acts as a launchpad into bigger ecosystems like GitHub, YAML, JSON, and continuous integration pipelines. Bios & Bios: Gilbert Sanchez is a Staff Software Development Engineer at Tesla, specifically working on PowerShell. Formerly known as "Señor Systems Engineer" at Meta. A loud advocate for DEI, DevEx, DevOps, and TDD. Jake Hildreth is a Principal Security Consultant at Semperis, Microsoft MVP, and longtime builder of tools that make identity security suck a little less. With nearly 25 years in IT (and the battle scars to prove it), he specializes in helping orgs secure Active Directory and survive the baroque disaster that is Active Directory Certificate Services. He's the creator of Locksmith, BlueTuxedo, and PowerPUG!, open-source tools built to make life easier for overworked identity admins. When he's not untangling Kerberos or wrangling DNS, he's usually hanging out with his favorite people and most grounding reality check: his wife and daughter. Links https://gilbertsanchez.com/posts/stucco-create-powershell-module/ https://jakehildreth.github.io/blog/2025/07/02/PowerShell-Module-Scaffolding-with-PSStucco.html https://github.com/PSInclusive https://jakehildreth.com/ https://andrewpla.tech/links https://discord.gg/pdq https://pdq.com/podcast https://youtu.be/w-z2-0ii96Y
Because… it's episode 0x616! Shameless plug October 12 to 17, 2025 - Objective by the sea v8 November 10 to 12, 2025 - IAQ - Le Rendez-vous IA Québec November 17 to 20, 2025 - European Cyber Week February 25 and 26, 2026 - SéQCure 2065 Description Introduction and context Joey D., supervisor of a detection team at the federal government's Canadian Centre for Cyber Security, presents the major challenges his organization faces in managing cybersecurity at a national scale. In his presentation at NorthSec, he addressed a critical problem: the pollution caused by noise in detection systems. The data volume challenge The Canadian centre processes an impressive volume of data: more than 200,000 events per second from 167 clients (and more), covering all of Canada. This massive telemetry is correlated with a large volume of indicators of compromise from various sources and international partnerships. While this wealth of information is a considerable asset, it also creates a major challenge: noise. The combination of these two elements - a large volume of telemetry and a large number of indicators - creates information pollution that can overwhelm analysts. False positives and bad detections proliferate, at the risk of masking real threats or needlessly tying up analysis resources. The intelligent filtering approach To solve this problem, Joey and his team developed an approach based on identifying and characterizing what is “non-malicious”. Rather than simply blocking alerts automatically, they create informational filters that help analysts in their triage process. This method avoids false negatives, where a real compromise could be filtered out by mistake. The team prefers to maintain a high level of caution.
As Joey explains: “At some point, we just don't like taking that risk of missing a real compromise event.” The automated filters are therefore mainly informational, although some, when the team has high confidence, can trigger automated actions. The case of creative administrators A particularly interesting example concerns system administrators. These professionals, who hold elevated privileges on networks, sometimes show remarkable creativity in getting their work done. They may use tools or techniques usually associated with malicious actors, but in a perfectly legitimate context. This administrative creativity poses a constant challenge: how to distinguish a legitimate technique from malicious use? Joey's team has developed several approaches to handle this problem, ranging from very specific filters (for example, a given script run by a given user at a given time) to more generic filters based on an understanding of the technologies. The study of the Delivery Optimization system Joey carried out an in-depth study of Microsoft's Delivery Optimization system, a file-sharing service present by default on all Windows devices since Windows 10. This system speeds up updates by using a peer-to-peer mechanism within the local network, thereby reducing the bandwidth used toward Microsoft's servers. The problem arises when this system is configured to share with machines on the Internet rather than only on the local network. In a remote-work context, this can create connections to IP addresses in various countries, generating suspicious alerts for analysts who see large data transfers to potentially dubious destinations.
This research perfectly illustrates the importance of understanding the normal operation of systems in order to better detect anomalies. As Joey points out, few security researchers take an interest in these non-malicious mechanisms, which creates a blind spot in detection. Multi-source correlation One of the strengths of the system developed by the team lies in its ability to correlate different types of telemetry. By combining network data (NetFlow, packet captures) with endpoint data (EDR), they can obtain much richer context for their analyses. For example, in the case of “fake captchas” - malicious web pages that ask users to run commands via Windows+R and Ctrl+V - correlation makes it possible to distinguish between a simple visit to the malicious domain (normal behaviour) and the actual execution of the malicious process chain (behaviour to investigate). The multi-level detection architecture The system developed by the team operates on a sophisticated multi-level architecture. At the lowest level are “hits” - detected events that do not necessarily require human intervention. For example, running the “ping” command generates a hit, but it is processed only by algorithms. These hits can be “promoted” to alerts when algorithms detect suspicious patterns - for example, a ping-ping-ping sequence followed by “whoami”. Conversely, some detections generate alerts directly because of their severity (such as PowerShell downloading content from the Internet after a Word document is opened). The system also includes “demotion” algorithms that can reclassify an alert as a hit when it turns out to match the legitimate behaviour of a known system administrator.
Integrating indicators of compromise Integrating threat intelligence feeds (such as MISP) is a particular challenge. These indicators, often rudimentary, require significant contextualization work. Several teams at the Canadian Centre for Cyber Security systematically add context at ingestion: if a provider delivers only IP addresses but all of its indicators relate to botnets, that contextual information is added automatically. This approach gives analysts the context they need at triage time, significantly improving the efficiency of the analysis process. The challenges of contextualization Contextualizing indicators presents several difficulties. Concepts can be contradictory between sources, timing plays a crucial role (an indicator that was valid two weeks ago may no longer be valid today), and geolocation can be misleading, particularly when malicious actors use compromised routers to hide their real origin. The team must constantly assess its risk appetite to determine which indicators deserve investigation and which can be filtered without risk. Benefits for citizens Beyond protecting government infrastructure, the work of Joey's team directly benefits Canadian citizens. Through a partnership with CIRA (the organization responsible for the .ca domain), the indicators of compromise identified by the centre are integrated into the Canadian Shield service. This free DNS service lets any citizen benefit from this protection simply by configuring their home router. Conclusion and lessons The work presented by Joey D.
illustrates the importance of investing in data quality upstream of the detection process. Rather than deploying “out-of-the-box” solutions and settling for them, his team shows that a significant investment in understanding, contextualizing and intelligently filtering data can radically transform the effectiveness of a SOC. The approach developed at the Canadian Centre for Cyber Security offers an inspiring model for other organizations facing the same challenges of volume and noise. By focusing on characterizing normal behaviour and developing sophisticated correlation systems, it becomes possible to manage considerable volumes of data effectively while maintaining a high level of detection. This presentation also underlines the importance of collaboration and information sharing in cybersecurity, showing how the work of a government team can benefit the whole community, from large organizations to individual citizens. Notes Canadian Shield Contributors Joey D. Credits Editing by Intrasecure inc Real premises by Northsec
In this episode of the PowerShell Podcast, host Andrew Pla reunites with PowerShell legend Fred, diving deep into productivity with hotkeys and key bindings, EntraAuth, C# integration, and community reflections from PowerShell Conference EU. Fred shares practical advice for improving your daily workflow, how to extend PowerShell with C#, and why participation in the community—whether through conferences or contributing modules—can be a game-changer for your career. What You'll Learn: How to improve your coding efficiency with advanced hotkeys and key bindings The difference between hotkeys and key bindings and how to create your own Insights into Fred's EntraAuth module and why federated credentials matter When it makes sense to use C# alongside PowerShell How community involvement can elevate your career What makes PowerShell Conference EU a unique experience Tips for new speakers interested in submitting conference talks Bio & Links: Fred Weinmann is a seasoned Cloud Solution Architect at Microsoft and a renowned PowerShell expert with years of experience designing and implementing scalable solutions. A prolific creator, Fred has developed key tools like PSFramework, PSModuleDevelopment, PSUtil, and PSFramework.Nuget, which empowers developers and IT professionals to optimize their workflows. Passionate about technology and problem-solving, Fred's innovative approach to PowerShell module development and his commitment to community-driven open-source projects have made him a respected figure in the PowerShell community. 
https://github.com/FriedrichWeinmann/EntraAuth https://github.com/PowershellFrameworkCollective/PSFramework.NuGet https://github.com/FriedrichWeinmann/string https://andrewpla.tech/links https://psconf.eu https://github.com/PowershellFrameworkCollective/psframework Fred's PSConfEU PSFramework.Nuget talk: https://www.youtube.com/watch?v=iMSOVwmBXrk Check out PDQ Connect https://pdq.com/podcast Join the PowerShell Scripting channel: https://discord.gg/pdq The PowerShell Podcast on YouTube: https://youtu.be/TZPy4X6yLjM The PowerShell Podcast hub: https://pdq.com/the-powershell-podcast
Because… it's episode 0x615! Shameless plug October 12 to 17, 2025 - Objective by the sea v8 November 10 to 12, 2025 - IAQ - Le Rendez-vous IA Québec November 17 to 20, 2025 - European Cyber Week February 25 and 26, 2026 - SéQCure 2065 Description In this in-depth podcast, Charles Hamilton shares his view of modern red teaming and of how the cybersecurity ecosystem is evolving. The conversation reveals the complexities of a constantly changing market and the challenges facing both professionals and organizations. The paradox of modern red teaming Hamilton highlights a fascinating phenomenon: red teamers mainly target security-mature companies, creating a growing gap with the reality of criminal attacks. This forced sophistication of red teams stems from the need to bypass advanced security solutions in order to carry out their assessment engagements. Paradoxically, this expertise ends up being public and influences the techniques of real attackers, creating a cycle in which defenders must constantly adapt. Real cybercriminals, for their part, favour opportunism over sophistication. They focus their efforts on more vulnerable targets, which makes their techniques often less refined but more pragmatic. This business-oriented approach explains why old tools such as Mimikatz still turn up in real incidents, while red teamers develop complex evasion techniques. The gap between research and operational reality Hamilton's experience illustrates how red teaming innovations end up being picked up by real attackers. He tells the anecdote of code he had published more than ten years ago that was recently reused by an attacker group, suddenly becoming a “new backdoor” in the eyes of analysts.
This reuse shows that criminals draw heavily on public resources rather than developing their own innovations. This dynamic raises important questions about the balance between sharing defensive knowledge and the risk of unintentionally arming attackers. Hamilton nevertheless defends publishing research, arguing that these techniques would end up being discovered anyway and that disclosing them lets defenders prepare better. Technical sophistication versus practical effectiveness A central point of the discussion concerns the appreciation of technical tools. Hamilton stresses the importance of understanding the underlying complexity of tools such as Mimikatz, developed by Benjamin Delpy. This tool, often perceived as “simple” by its users, in fact represents hundreds of hours of research into Windows internal structures. This failure to grasp the technical sophistication leads to underestimating the value of the tools and the skills needed to develop them. He draws a parallel with Metasploit, the framework that democratized vulnerability exploitation. Many users can launch an exploit without understanding its inner workings, as in the historical example of MS08-067, a particularly complex exploitation involving RPC services, buffer overflows and memory-protection bypass techniques. Collaboration between red and blue teams Hamilton advocates a collaborative approach through “Detection Capability Assessment” exercises, in which red teamers and blue teamers work together. These sessions let defenders see the techniques in action and develop appropriate detection rules.
This two-way collaboration benefits both sides: red teamers better understand the traces they leave, while blue teamers learn to identify subtle indicators. This collaborative approach unfortunately remains rare, particularly in Quebec, where cybersecurity budgets are more limited. Heavy reliance on managed services also creates a problematic opacity, in which the detection intelligence that is developed remains the property of the provider rather than of the client organization. The challenges of modern detection The conversation covers the transition from antivirus signatures to modern telemetry. This evolution, although technically superior, remains poorly understood by many professionals. Telemetry generates large volumes of data that require sophisticated contextual analysis to identify malicious activity. Hamilton illustrates this challenge with the example of a non-technical user suddenly running PowerShell and making LDAP queries. Individually, these actions may seem benign, but their combination and the user context reveal suspicious activity typical of tools such as BloodHound. This contextualization remains difficult to automate and requires a fine-grained understanding of the organizational environment. Criticism of vulnerability metrics The expert strongly criticizes the systematic use of the CVSS system to assess risk. In a red teaming context, a vulnerability rated “low” under CVSS can become critical if it is the missing link in an attack chain leading to sensitive assets. This contextual approach to risk contrasts with the standardized assessments of traditional penetration tests. The Log4J example illustrates this problem perfectly.
Rather than panicking and patching en masse, an understanding of the attack vector would have made it possible to mitigate the risk through network measures, sparing teams the stress during the Christmas holidays. The cybersecurity industry and its failings Hamilton observes a worrying trend toward media hype and marketing in cybersecurity. Vulnerabilities are given catchy names and logos, and attacker groups are “glorified” with evocative names and heroic depictions. This marketing approach dilutes the real technical messages and creates confusion between communication and substance. He also denounces the proliferation of AI-generated content on professional platforms, particularly LinkedIn, which drowns relevant technical discussions under a flood of empty but well-formatted content. This trend marginalizes expert technical voices in favour of “cyber-influencers” who recycle obsolete concepts. Training and knowledge transfer Despite these challenges, Hamilton continues to train the next generation of professionals. He stresses the importance of understanding the fundamentals rather than blindly using tools. This educational philosophy aims to produce professionals capable of adaptation and innovation rather than mere tool users. He also encourages publishing technical blogs, even on topics that are already well known, as a way to develop the communication skills that are essential in the field. The ability to document and explain one's work proves as important as technical expertise itself. Toward a more collaborative industry The conversation ends with a call for more collaboration and less sterile competition in the industry. Hamilton argues for constructive exchanges between technical professionals and executives, between red teamers and blue teamers, and between researchers and practitioners.
This vision of a united community contrasts with the current reality of siloed ecosystems that struggle to communicate effectively. He shares his personal experience of criticism and of the toxicity sometimes present in the cybersecurity community, while reaffirming his commitment to sharing his knowledge and contributing to the positive evolution of the field. His career, from its beginnings in the 2000s to today, reflects the rapid evolution of the sector and the importance of continuous adaptation. This rich discussion reveals the many facets of a constantly evolving field, where the balance between technical work and communication, between offence and defence, and between innovation and pragmatism defines the effectiveness of modern security approaches. Contributors Charles F. Hamilton Credits Editing by Intrasecure inc Real premises by Northsec
How do you get from ClickOps to DevOps? While at Build, Richard chatted with Steven Bucher about using Copilot in Azure to help build PowerShell scripts with Azure CLI to get you moving down the path of repeatable deployment. Steven talks about interacting with Copilot in Azure through the Portal, Azure CLI, and PowerShell. Using tools like GitHub Copilot in Visual Studio Code can help you start making Infrastructure as Code in Bicep or Terraform to move you along the path of automating reliable deployments! Links: Copilot in Azure, Azure CLI, Terraform, AI Shell, PowerShell 7.5, Bicep, GitHub Copilot on VS Code. Recorded May 19, 2025
Welcome back to Azure Italia Podcast, the Italian-language podcast about Microsoft Azure! To make sure you don't miss any new episode, click the FOLLOW button in your player.
In this insightful episode of the PowerShell Podcast, host Andrew Pla welcomes longtime friend and seasoned technologist Ryan Coates. Together, they explore the intersection of PowerShell and C#, discuss the natural evolution of tech careers, and examine the role of continuous learning in long-term success. Ryan shares a wealth of perspective from decades in IT—covering everything from early networking to modern cloud architectures and why C# is a practical next step for PowerShell users. Whether you're deep in automation or eyeing your next language leap, this conversation is packed with career wisdom, developer philosophy, and some solid tech nostalgia. What You'll Learn: Why C# is a great next step for experienced PowerShell users Use cases where C# offers performance or capability advantages over PowerShell How PowerShell and C# skills complement each other in the .NET ecosystem Ryan's journey from MCSE teen prodigy to early retirement Why soft skills are just as vital as technical skills for senior roles The value of working across many technologies and industries early in your career Insights into DevOps maturity, architecture thinking, and lifelong learning Bio & Links: Ryan Coates is an Enterprise Architect with 25+ years in IT, evolving from systems ops to DevOps and developer advocacy. He leads internal API and DevRel strategy at a global consulting firm. Passionate about mentoring, Ryan speaks at conferences on cloud and automation and helps run Microsoft Cloud, DevOps, and PowerShell user groups in Boise, Idaho. 
https://linkedin.com/in/ryandcoates https://twitter.com/ryandcoates https://discord.gg/pdq https://andrewpla.tech/links Ryan's C# Talk at PS Wednesday: https://www.youtube.com/watch?v=hOaFdHTlDXE Ryan's Summit Talk: https://www.youtube.com/watch?v=AePjFyuWvg8 Join the PowerShell Scripting Channel on PDQ Discord: https://discord.gg/pdq Check out PDQ Connect: https://pdq.com/podcast The PowerShell Podcast on YouTube: https://youtu.be/72UCneA1X40 The PowerShell Podcast Hub: https://pdq.com/the-powershell-podcast
In this episode of the PowerShell Podcast, Andrew Pla welcomes longtime friend and DevOps Endpoint Engineer David Richmond. Fresh off his PowerShell Wednesday presentation, David shares insights into the power of splatting in PowerShell, centralizing automations, and driving organizational change through best practices and leadership. The conversation explores the evolution of automation practices, Git adoption in Ops, secrets management using Azure Key Vault, and how empowering others can multiply technical impact. It's an inspiring blend of deep PowerShell knowledge and practical career development advice. What You'll Learn: What splatting is in PowerShell and why it's such a powerful coding practice How to organize, simplify, and clean up your scripts with hash tables and ordered dictionaries David's journey from solo IT support to leading centralized automation efforts Pro tips on Git, module development, credential management, and code organization The benefits of creating training sessions and fostering a team-wide PowerShell culture Why data-driven automation metrics can win leadership support How PowerShell can scale your impact and accelerate your career Bio & Links: David Richmond started writing scripts in the Macintosh OS days (the 90s!) and hasn't stopped. Currently working in the every-OS endpoint engineering / devops space, particularly focused on internal automations team skillups in PowerShell and beyond. https://discord.gg/pdq https://www.linkedin.com/in/david-s-richmond/ https://dev.to/celadin https://bsky.app/profile/davidsrichmond.com Splatting PowerShell Wednesday: https://www.youtube.com/watch?v=8oesn0HgGxE https://github.com/PoshCode/PowerShellPracticeAndStyle The PowerShell Podcast Hub: The PowerShell Podcast: https://pdq.com/the-powershell-podcast The PowerShell Podcast on YouTube: https://youtu.be/_cbpGxZOHS4 Help topic: help about_splatting
Bart had an itch to scratch, and he decided to scratch it with PowerShell. You'll remember that he gave us a teaser Tidbit seven months ago in Tidbit 11, and we still haven't started learning PowerShell so this one is yet another teaser. The itch he had was trying to understand the "Monty Hall Problem" [en.wikipedia.org/...](https://en.wikipedia.org/wiki/Monty_Hall_problem), and by writing a script to simulate a thousand rounds of the game, he was able to finally understand the solution. It is great fun hearing Bart describe how he spent the first few days of his annual leave programming ... because it was fun! You can find Bart's fabulous tutorial shownotes and the audio podcast at pbs.bartificer.net. Read an unedited, auto-generated transcript with chapter marks: PBS_2025_07_19 Join our Slack at podfeet.com/slack and check out the Programming By Stealth channel under #pbs. Support Bart by going to lets-talk.ie and pushing one of the big blue support buttons. Referral Links: Setapp - 1 month free for you and me Parallels Toolbox - 3 months free for you and me Learn through MacSparky Field Guides - 15% off for you and me Backblaze - One free month for me and you Eufy - $40 for me if you spend $200. Sadly nothing in it for you. PIA VPN - One month added to Paid Accounts for both of us CleanShot X - Earns me $25%, sorry nothing in it for you but my gratitude
Troubleshoot identity issues, investigate risky users and apps, and optimize Conditional Access policies using natural language—with built-in AI from Microsoft Security Copilot in Microsoft Entra. Instead of switching between logs, PowerShell, and spreadsheets, Security Copilot centralizes insights for faster, more focused action. Resolve compromised accounts, uncover ownerless or high-risk apps, and tighten policy coverage with clear insights, actionable recommendations, and auto-generated policies. Strengthen security posture and reclaim time with a smarter, more efficient approach powered by Security Copilot. Diana Vicezar, Microsoft Entra Product Manager, shares how to streamline investigations and policy management using AI-driven insights and automation. ► QUICK LINKS: 00:00 - Microsoft Entra with Security Copilot 01:26 - Conditional Access Optimization Agent 03:35 - Investigate risky users 05:49 - Investigate risky apps 07:34 - Personalized security posture recommendations 08:20 - Wrap up ► Link References Check out https://aka.ms/SecurityCopilotAgentsinMicrosoftEntra ► Unfamiliar with Microsoft Mechanics? As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics
In this special live episode recorded amidst the rain-soaked streets of Malmö during PSConfEU 2025, host Andrew Pla brings us a vibrant, multi-guest edition of the PowerShell Podcast. From impromptu bar chats to in-depth discussions on PowerShell modules, CI/CD pipelines, career growth, and community culture, this episode captures the heart of the PowerShell community in full force. Hear from speakers, first-time attendees, longtime community contributors, and PowerShell legends as they share their stories, projects, career journeys, favorite sessions, and the human side of tech. Guests: Harm Veenstra (PowerShellIsFun, MVP and Legend) Constantin Hager (PS Framework user & Inn-Salzach PowerShell Group organizer) Thomas Hadin (Swedish consultant, Discord regular) James Ruskin (Chocolatey engineer, bigtime PowerSheller, kind and smart) Emanuel Palm (Microsoft MVP and PSConfEU speaker) Suresh "SK" Krishnan (IAM pro & PowerShell podcast superfan) Topics Covered: Favorite PSConfEU 2025 sessions and key takeaways GitHub Actions & GitHub Apps deep dive Lightning talks & community demo formats User group organizing and mentoring new speakers Tools: PS Framework, Spectre.Console, AI Shell, ModuleBuilder PowerShell remoting, PSDefaultParameterValues, and CI pipelines Career development insights, perspective shifts, and personal growth Building friendships and networks in the PowerShell community Highlights: “There's no magic” – a recurring theme reminding listeners to understand what they're running. Reflections on how empathy and perspective can transform your IT career. A shoutout to the PowerShell Discord community and lesser-known contributors like weq and Chris Dent. Real stories of overcoming stage fright, pushing past visa issues, and finding belonging through tech.
Links: https://discord.gg/pdq https://psconf.eu https://andrewpla.tech/links Watch PowerShell Wednesday: https://www.youtube.com/playlist?list=PL1mL90yFExsix-L0havb8SbZXoYRPol0B PSConfEU 2025 sessions: https://www.youtube.com/watch?v=9CJWhWdbTGU&list=PLDCEho7foSoo6tc8iNDSrxp27dG_gtm6g The PowerShell Podcast Hub: https://pdq.com/the-powershell-podcast The PowerShell Podcast on YouTube: https://youtu.be/RoVlp5XmXBc
Today we are joined by Selena Larson, Threat Researcher at Proofpoint, and co-host of Only Malware in the Building, as she discusses their work on "Amatera Stealer - Rebranded ACR Stealer With Improved Evasion, Sophistication." Proofpoint researchers have identified Amatera Stealer, a rebranded and actively developed malware-as-a-service (MaaS) variant of the former ACR Stealer, featuring advanced evasion techniques like NTSockets for stealthy C2 communication and WoW64 Syscalls to bypass user-mode defenses. Distributed via ClearFake web injects and the ClickFix technique, Amatera leverages multilayered PowerShell loaders, blockchain-based hosting, and creative social engineering to compromise victims. With enhanced capabilities to steal browser data, crypto wallets, and other sensitive files, Amatera poses a growing threat in the wake of disruptions to competing stealers like Lumma. Complete our annual audience survey before August 31. The research can be found here: Amatera Stealer: Rebranded ACR Stealer With Improved Evasion, Sophistication
In this episode, recorded live at PSConfEU, Andrew catches up with some of the PowerShell team from Microsoft to talk all things PowerShell—from AIShell to PSResourceGet to the future of DSC and OpenSSH. First up is Steven Bucher, Product Manager on the PowerShell team, who discusses the massive scale of PowerShell usage, the state of PowerShell 7, and the team's focus on security and reliability. He also gives an exciting walkthrough of AIShell and how it's helping users stay in the terminal while getting AI-driven help, error resolution, and integration with providers like Azure OpenAI and AI Foundry. Then we hear from Anam, a software engineer working on PSResourceGet, PowerShell Gallery, and security. She shares details on the rewrite of PowerShellGet, performance improvements, and new features like container registry support. She also dives into Microsoft's Artifact Registry (MAR) and offers her take on coding as a creative, artistic endeavor. Lastly, Tess joins the conversation to talk about OpenSSH and Desired State Configuration (DSC). She highlights the native cross-platform capabilities of DSC v3, its decoupling from PowerShell, and the move toward supporting resource development in languages like Python. Tess also shares the significance of SSH server availability in Windows Server 2025 and reflects on her open-source journey and love of outdoor sports. Whether you're managing packages, remoting with SSH, exploring AI integrations, or just want to know more about some of the people behind PowerShell, this episode delivers valuable insights from the team building the tools you use. 
Links and Mentions: https://www.linkedin.com/in/anamnavied/ https://www.linkedin.com/in/tess-gauthier-a43a368a/ https://www.linkedin.com/in/stevenabucher/ https://andrewpla.tech/links https://github.com/PowerShell/PowerShell https://github.com/PowerShell/AIShell https://github.com/PowerShell/PSResourceGet https://github.com/PowerShell/Win32-OpenSSH https://github.com/microsoft/DSC The PowerShell Podcast on YouTube: https://youtu.be/F4mVUHinjf4 The PowerShell Podcast: https://pdq.com/the-powershell-podcast Guests: Steven Bucher – Product Manager II on the PowerShell Team Anam Navied – Software Engineer 2 @ Microsoft Tess Gauthier – Software Engineer @ Microsoft | OpenSSH
This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Bil Harmer, operating partner and CISO, Craft Ventures. Check out Bil's page, KillSwitchAdvisory. Thanks to our show sponsor, ThreatLocker Alert fatigue, false positives, analyst burnout—you know the drill. What if you could stop threats before they run? ThreatLocker gives CISOs what they've been asking for: real control at the execution layer. Only approved apps, scripts, and executables run. Period. Known-good is enforced. Everything else? Denied by default. Ringfencing and storage control keep even trusted tools in their lane—so PowerShell doesn't become a weapon. And yes—it works at scale. Granular policies. Fast rollout. Built for modern infrastructure. You don't need more alerts. You need fewer chances for malware to make a move. ThreatLocker helps you flip the model—from detect-and-respond… to deny-and-verify. Go to ThreatLocker.com/CISO to schedule your free demo and close the last gap in your Zero Trust strategy, before it's exploited. All links and the video of this episode can be found on CISO Series.com
Hazel welcomes back Ryan Fetterman from the SURGe team to explore his new research on how large language models (LLMs) can assist those who work in security operations centers to identify malicious PowerShell scripts. From teaching LLMs through examples, to using retrieval-augmented generation and fine-tuning specialized models, Ryan walks us through three distinct approaches, with surprising performance gains.
In this episode of the PowerShell Podcast, host Andrew Pla reports live from PowerShell Conference Europe 2025 in Malmö, Sweden. With energy high and community engagement stronger than ever, Andrew chats with key figures shaping the PowerShell ecosystem. First, we hear from Gael Colas, organizer of PSConfEU and longtime community advocate, who discusses the significance of the conference and its international impact. Gael reflects on the challenges of organizing a multi-country event and the magic that happens when the community comes together in person. Later, Andrew connects with Stein Petersen, a speaker at PSConfEU. Stein shares insights into his talk on mental health, psychological safety, and building human-centric tech teams. Alongside his co-speaker, licensed therapist Tracy Sewell, they tackle burnout prevention and emotional resilience in the workplace. The discussion sheds light on the intersection between mental well-being and professional success in IT. This episode captures the unique mix of technical enthusiasm and human connection that defines the PowerShell community. Whether you're coding, coaching, or just trying to survive burnout, there's something here for you. Recorded on location at PowerShell Conference Europe 2025. Links & Bio: https://psconf.eu https://andrewpla.tech/links https://www.linkedin.com/in/steinpetersen/ https://gaelcolas.com https://synedgy.com https://discord.gg/pdq The PowerShell Podcast on YouTube: https://youtu.be/paB3R1uA8jw The PowerShell Podcast: https://pdq.com/the-powershell-podcast Gael Colas Gael is the founder and director of SynEdgy Limited, a consulting company in the DevOps, Azure and PowerShell automation space, helping companies bring agility in their infrastructure management and operations. SynEdgy is also behind the PowerShell Conference Europe (PSConfEU), PSDayUK and contributes to many other user groups and events of the community.
In his spare time, Gael is a member of the PowerShell Working Groups, DSC Community committee member, and recipient of the Microsoft MVP award. Stein Petersen Stein is a cloud architect and passionate community contributor focused on mental health in IT. He is committed to fostering psychological safety, resilience, and emotional intelligence within tech teams.
In this episode of the PowerShell Podcast, we're joined by Steven Judd and Gilbert Sanchez, two active contributors and speakers in the PowerShell community. We talk about the Dos and Don'ts of PowerShell. We cover topics like documentation, testing, community, how you should view yourself in your growth, and even get some top tips on logging from those who have done PowerShell at the highest levels. Key Topics Covered: How community support leads to career breakthroughs Learning through teaching and presenting at conferences Overcoming nerves and imposter syndrome as new speakers The value of async learning and accountability through PowerShell Wednesdays Steven's PowerShell journey from System Admin to cybersecurity educator Gilbert's insights on mentorship, blogging, and personal development Embracing humility and finding joy in collaboration Whether you're just getting started or looking to deepen your PowerShell journey, this episode is a celebration of curiosity, courage, and community.
This week, we sit down with Anthony Howell, better known as The PoSh Wolf, for an inspiring and entertaining conversation about PowerShell, community, and creativity. From his early days in a two-person IT department to speaking at PowerShell Summit, Anthony shares how passion, persistence, and curiosity have fueled his journey. He dives into his creative use of PowerShell for managing game servers and even building a Discord bot, proving that automation isn't just for enterprise tasks. We explore how side projects can grow into real skills, the value of sharing in the community, and how embracing mistakes makes us all better. Anthony also gives insights into using .NET in PowerShell, learning Go, and building resilient systems for fun and work. Bio: Anthony Howell is a proud father, lucky husband, and passionate software builder. Since starting his IT career in 2009 as a helpdesk technician, he's followed his drive for automation from scripting sysadmin tasks in PowerShell to tackling DevOps and site reliability challenges. Known for always having a process improvement idea, Anthony shares insights from his journey to help others build smarter, more efficient systems. What You'll Learn: How Anthony got started with PowerShell and his first Summit experience Creative PowerShell use cases like Discord bots and game server management Lessons from mistakes and the power of testing Transitioning from PowerShell to .NET and even Go The importance of community and continuing to ask questions Links & Resources: https://www.linkedin.com/in/theposhwolf/ https://discord.gg/pdq https://theposhwolf.com/ https://andrewpla.tech/links Check out PDQ: https://pdq.com/podcast https://www.powershellgallery.com/packages/powershell-yaml/0.4.12 The PowerShell Podcast on YouTube: https://youtu.be/tOH5FXn0IhU
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Extracting With pngdump.py Didier extended his pngdump.py script to make it easier to extract additional data appended to the end of the image file. https://isc.sans.edu/diary/Extracting%20With%20pngdump.py/32022 16 React Native Packages for GlueStack Backdoored Overnight 16 npm packages with over a million weekly downloads between them were compromised. The compromised packages include a remote admin tool that was seen before in similar attacks. https://www.aikido.dev/blog/supply-chain-attack-on-react-native-aria-ecosystem Atomic MacOS Stealer Exploits Clickfix MacOS users are now also targeted by fake captchas, tricking users into running exploit code. https://www.cloudsek.com/blog/amos-variant-distributed-via-clickfix-in-spectrum-themed-dynamic-delivery-campaign-by-russian-speaking-hackers Microsoft INETPUB Script Microsoft published a simple PowerShell script to restore the inetpub folder in case you removed it by mistake. https://www.powershellgallery.com/packages/Set-InetpubFolderAcl/1.0
Forecast = Stormy with a chance of TikTok malware showers—exploit scoring systems hot, but patch management outlook remains partly cloudy. Welcome to Storm⚡️Watch! In this episode, we're diving into the current state of cyber weather with a mix of news, analysis, and practical insights. This week, we tackle a fundamental question: are all exploit scoring systems bad, or are some actually useful? We break down the major frameworks: **CVSS (Common Vulnerability Scoring System):** The industry standard for assessing vulnerability severity, CVSS uses base, temporal, and environmental metrics to give a comprehensive score. It's widely used but has limitations—especially since it doesn't always reflect real-world exploitability. **Coalition Exploit Scoring System (ESS):** This system uses AI and large language models to predict the likelihood that a CVE will be exploited in the wild. ESS goes beyond technical severity, focusing on exploit availability and usage probabilities, helping organizations prioritize patching with better accuracy than CVSS alone. **EPSS (Exploit Prediction Scoring System):** EPSS is a data-driven approach that estimates the probability of a vulnerability being exploited, using real-world data from honeypots, IDS/IPS, and more. It updates daily and helps teams focus on the most urgent risks. **VEDAS (Vulnerability & Exploit Data Aggregation System):** VEDAS aggregates data from over 50 sources and clusters vulnerabilities, providing a score based on exploit prevalence and maturity. It's designed to help teams understand which vulnerabilities are most likely to be actively exploited. **LEV/LEV2 (Likely Exploited Vulnerabilities):** Proposed by NIST, this metric uses historical EPSS data to probabilistically assess exploitation, helping organizations identify high-risk vulnerabilities that might otherwise be missed. **CVSS BT:** This project enriches CVSS scores with real-world threat intelligence, including data from CISA KEV, ExploitDB, and more. 
It's designed to help organizations make better patching decisions by adding context about exploitability. Next, we turn our attention to a troubling trend: malware distribution via TikTok. Attackers are using AI-generated videos, disguised as helpful software activation tutorials, to trick users into running malicious PowerShell commands. This “ClickFix” technique has already reached nearly half a million views. The malware, including Vidar and StealC, runs entirely in memory, bypassing traditional security tools and targeting credentials, wallets, and financial data. State-sponsored groups from Iran, North Korea, and Russia have adopted these tactics, making it a global concern. For employees, the takeaway is clear: never run PowerShell commands from video tutorials, and always report suspicious requests to IT. For IT teams, consider disabling the Windows+R shortcut for standard users, restrict PowerShell execution, and update security awareness training to include social media threats. We also highlight the latest from Censys, VulnCheck, runZero, and GreyNoise—industry leaders providing cutting-edge research and tools for vulnerability management and threat intelligence. Don't miss GreyNoise's upcoming webinar on resurgent vulnerabilities and their impact on organizational security. And that's a wrap for this episode! We will be taking a short break from Storm Watch for the summer. We look forward to bringing more episodes to you in the fall!
In this episode of the PowerShell Podcast, we take a detour from our typical PowerShell conversations to explore the fascinating world of game hacking with backend services developer Mateus Pimentel. Mateus shares his journey from crafting bots for MMORPGs to reverse engineering games and ultimately working in online services for a major gaming company. We discuss his early experiences hacking Tibia, how he overcame being hacked himself as a kid, and how those formative experiences shaped his approach to software development and cybersecurity. Mateus also dives into powerful learning experiences from hacking games, participating in Capture the Flag competitions, and avoiding the dark paths that lure many curious technologists. This episode is a compelling exploration of hacking culture, ethics, and personal transformation. Topics covered: From game hacking to working at a gaming company Mateus' early adventures reverse-engineering Tibia Lessons learned from being hacked as a kid Ethical hacking, personal growth, and career evolution The overlap between game hacking and cybersecurity Capture the Flag (CTF) competitions and their career value Understanding system protocols and reverse engineering Reflections on following your curiosity and avoiding burnout Notable quote: “Follow your passion. If it's fun, you'll learn 10 times faster.” Bio and Links: Mateus Pimentel is a software developer with a passion for software architecture, game modding and solving complex problems. From reverse engineering MMORPGs as a teenager to helping secure one of the gaming industry's most ambitious projects at a major gaming company, Mateus has cultivated deep technical skills grounded in a strong ethical framework. His journey from underground hacker to professional developer offers a unique and inspiring perspective on how curiosity and integrity can guide a meaningful career in tech.
Follow Mateus on LinkedIn: https://www.linkedin.com/in/pimentelmateus/ Connect with Andrew: https://andrewpla.tech/links Catch PowerShell Wednesdays weekly at 2 PM EST on discord.gg/pdq The PowerShell Podcast hub: https://pdq.com/the-powershell-podcast Darza's Dominion Hacked: https://www.youtube.com/watch?v=ipqge4aJt3U Mystera Reborn Hacked: https://youtu.be/Gg6owdR_7h8?si=1Uk0a8RW9czs0TCm Using Remote Vision to watch a Player Battle: https://www.youtube.com/watch?v=poDkWlR-1ks Fractured Online Gold Machine: https://youtu.be/EIHJBdrr0Ac?si=Wis9DGinI5EKuN0O The PowerShell Podcast Hub: https://pdq.com/the-powershell-podcast The PowerShell Podcast on YouTube: https://youtu.be/8cxtg4QQjZQ
In this episode of the PowerShell Podcast, we welcome back Justin Grote, a Microsoft MVP and open-source powerhouse, for an in-depth and fast-paced conversation. Fresh off his PowerShell Wednesday presentation, Justin shares the thinking behind his latest innovations, including the creation of the high-performance ExcelFast module and his evangelism for dev containers and modern development workflows. Key topics in this episode include: Getting the most from VS Code – Justin shares power-user tips, favorite settings, and the evolution of his 1,000-line configuration file. GitHub Copilot and real-world developer productivity – How Justin's approach to AI tooling shifted after experiencing measurable value in his PowerShell workflows. Dev containers and runtime containers – A detailed breakdown of the difference, practical use cases, and how they transform collaboration, onboarding, and consistency. Excel Fast – A brand-new module optimized for high-performance reading, writing, and streaming of large Excel and CSV datasets, developed with dev containers from day one. Open-source contributions to PowerShell – Including enhanced logging for Invoke-RestMethod and building a dev container for the PowerShell repo itself. PowerShell Conf EU previews – From a 90-minute VS Code optimization deep dive to a hands-on runspaces lab with GitHub Codespaces integration. This episode is packed with practical advice, philosophy on tooling, and Justin's trademark blend of performance focus and community-first thinking. Whether you're a seasoned developer or looking to up your scripting game, you'll walk away with new ideas and resources to explore. Guest Bio – Justin Grote Justin Grote is a Microsoft MVP, PowerShell advocate, and open-source contributor with a deep focus on automation, performance, and developer productivity. Known for tools like ModuleFast and his work improving PowerShell workflows, Justin blends real-world experience with a passion for teaching and sharing. 
Whether he's optimizing VS Code, contributing to the PowerShell repo, or speaking at global conferences, Justin empowers the community with practical solutions and thoughtful insight. Links: Find Justin on GitHub, BlueSky, or on Discord (@JustinGrote): https://github.com/JustinGrote Try out ExcelFast: https://github.com/JustinGrote/ExcelFast PSConfEU Announcement: https://www.linkedin.com/feed/update/urn:li:activity:7328093268225806337/ Create Dev Container Docs: https://code.visualstudio.com/docs/devcontainers/create-dev-container SecretManagement.DpapiNG: https://github.com/jborean93/SecretManagement.DpapiNG Connect with Andrew on Socials: https://andrewpla.tech/links Catch PowerShell Wednesdays weekly at 2 PM EST on discord.gg/pdq The PowerShell Podcast hub: https://pdq.com/the-powershell-podcast The PowerShell Podcast on YouTube: https://youtu.be/dHbWFUyUaOE
Agentic AI is the theme of the show this year, and this time it's multi-agent with orchestration! But first, we need to discuss the protestors. Paul and Richard have stories. So many stories! Build 2025 New Microsoft 365 Copilot features are rolling out now because it's a day that ends in y Tuning is the unexpected Build Bingo center square term - rolling out to agents GitHub Copilot is open source in VS Code, more Win32 app support improvements, no more fees in Microsoft Store A shift in making Windows 11 the best place for developers - some things said, some left unsaid Edge gets new AI features too of course New native app capabilities in Windows App SDK, React Native And, pre-Build, 50 million Visual Studio users Copilot for consumers does image generation now. Fun tip: You can Minecraft-ize photos OpenAI has a coding agent too, obviously And OpenAI is buying Jony Ive! Windows Administrator Protection is coming soon - And not just for businesses. This feels very much like the firewall in XP SP2, it's going to be disruptive New 24H2 features in Release Preview: New text actions in Click to Do, a lot more New 24H2 features in Dev and Beta: AI actions in File Explorer, Advanced Settings, Search improvements, more New 23H2 features, Windows 10 features in Release Preview Surface Laptop Studio RIP Calendar companion app for Windows 11/M365 Microsoft may finally put the Teams antitrust issue in the EU behind Xbox Fortnite returns to the Apple App Store Apple blocked it first, Epic complained to judge And Microsoft files a legal motion against Apple and for Epic Games Qualcomm job listing confirms Xbox plans to some degree What happens when you combine Qualcomm NPU with Nvidia GPU? Xbox May Update arrives and it's a big one Retro Classic Games for Xbox Game Pass Game Bar updates, Edge Game Assist, GeForce now etc.
on PC Custom Xbox gift cards More streaming of your own games Hellblade II is coming from Xbox to PS5 Many more games coming to Xbox Game Pass across platforms Tips and Picks App pick of the week: You can try Microsoft's command line editor now Game pick of the week: Doom: The Dark Ages RunAs Radio this week: PowerShell 7.5 and DSC 3.0.0 with Jason Helmick Brown liquor pick of the week: Tamnavulin Sherry Cask Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: spaceship.com/twit uscloud.com
Agentic AI is the theme of the show this year, and this time its multi-agent with orchestration! But first, we need to discuss the protestors. Paul and Richard have stories. So many stories! Build 2025 New Microsoft 365 Copilot features are rolling out now because it's a day that ends in y Tuning is the unexpected Build Bingo center square term - rolling out to agents GitHub Copilot is open source in VS Code, more Win32 app support improvements, no more fees in Microsoft Store A shift in making Windows 11 the best place for developers - some things said, some left unsaid Edge gets new AI features too of course New native app capabilities in Windows App SDK, React Native And, pre-Build, 50 million Visual Studio users Copilot for consumers does image generation now. Fun tip: You can Minecraft-ize photos OpenAI has a coding agent too, obviously And OpenAI is buying Jony Ive! Windows Administrator Protection is coming soon - And not just for businesses. This feels very much like the firewall in XP SP2, it's going to be disruptive New 24H2 features in Release Preview: New text actions in Click to Do, a lot more New 24H2 features in Dev and Beta: AI actions in File Explorer, Advanced Settings, Search improvements, more New 23H2 features, Windows 10 features in Release Preview Surface Laptop Studio RIP Calendar companion app for Windows 11/M365 Microsoft may finally put the Teams antitrust issue in the EU behind Xbox Fortnite returns to the Apple App Store Apple blocked it first, Epic complained to judge And Microsoft files a legal motion against Apple and for Epic Games Qualcomm job listing confirms Xbox plans to some degree What happens when you combine Qualcomm NPU with Nvidia GPU? Xbox May Update arrives and it's a big one Retro Classic Games for Xbox Game Pass Game Bar updates, Edge Game Assist, GeForce now etc. 
on PC Custom Xbox gift cards More streaming of your own games Hellblade II is coming from Xbox to PS5 Many more games coming to Xbox Game Pass across platforms Tips and Picks App pick of the week: You can try Microsoft's command line editor now Game pick of the week: Doom: The Dark Ages RunAs Radio this week: PowerShell 7.5 and DSC 3.0.0 with Jason Helmick Brown liquor pick of the week: Tamnavulin Sherry Cask Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: spaceship.com/twit uscloud.com
At RSAC Conference 2025, the conversation with Rob Allen, Chief Product Officer at ThreatLocker, centered on something deceptively simple: making cybersecurity effective by making it manageable.
During this on-location recap episode, Rob shares how ThreatLocker cut through the noise of flashy booths and AI buzzwords by focusing on meaningful, face-to-face conversations with customers and prospects. Their booth was an open, no-frills space—designed for real dialogue, not distractions. What caught people's attention, though, wasn't the booth layout—it was a live demonstration of a PowerShell-based attack using a rubber ducky device. It visually captured how traditional tools often miss malicious scripts and how ThreatLocker's controls shut it down immediately. That kind of simplicity, Rob explains, is the real differentiator.
Zero Trust Is a Journey—But It Doesn't Have to Be Complicated
One key message Rob emphasizes is that true security doesn't come from piling on more tools. Too many organizations rely on overlapping detection and response solutions, which leads to confusion and technical debt. “If you have five different jackets and they're all winter coats, you're not prepared for summer,” Sean Martin jokes, reinforcing Rob's point that layers should be distinct, not redundant.
ThreatLocker's approach simplifies Zero Trust by focusing on proactive control—limiting what can execute or communicate in the first place. Rob also points to the importance of vendor consolidation—not just from a purchasing standpoint but from an operational one. With ThreatLocker, multiple security capabilities are built natively into a single platform with one agent and one portal, avoiding the chaos of disjointed systems.
From Technical Wins to Human Connections
The conversation wraps with a reminder that cybersecurity isn't just about tools—it's about the people and community that make the work worthwhile. Rob, Marco Ciappelli, and Sean Martin reflect on their shared experiences around the event and even the lessons learned over a slice of Detroit-style pizza. While the crust may have been debatable, the camaraderie and commitment to doing security better were not.
Learn more about ThreatLocker: https://itspm.ag/threatlocker-r974
Guest: Rob Allen, Chief Product Officer, ThreatLocker | https://www.linkedin.com/in/threatlockerrob/
Resources
Learn more and catch more stories from ThreatLocker: https://www.itspmagazine.com/directory/threatlocker
Learn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsac25
Keywords: sean martin, marco ciappelli, rob allen, cybersecurity, zero trust, threat prevention, powerShell, vendor consolidation, rsac2025, endpoint security, brand story, brand marketing, marketing podcast, brand story podcast
Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverage
Want to tell your Brand Story Briefing as part of our event coverage? Learn More
What's new in PowerShell 7.5? Richard talks to Jason Helmick about the latest version of PowerShell. Jason talks about 7.5 being a version with plenty of community contributions and what that means for everyone. He also discusses 7.6, which will be released as a long-term support version of PowerShell synchronized with .NET 10. Then, on to Desired State Configuration 3.0.0, which makes DSC work effectively across platforms, with or without PowerShell itself! 7.5 is a great version - are you up to date?
Links: PowerShell 7.5, PowerShell on GitHub, Desired State Configuration 3.0.0, WinGet Configuration, System Configuration Tools in Windows
Recorded April 4, 2025
In this episode of the PowerShell Podcast, we sit down with Brock Bingham, a longtime PowerShell enthusiast, educator, and community advocate. Recorded live from PDQ Headquarters in Salt Lake City, Utah, this episode captures the high energy and camaraderie of a PowerShell Wednesday in person. Brock shares his journey from PowerShell beginner to mentor, his passion for community building, and the power of sharing knowledge with others. Key topics in this episode include: Overcoming Stage Fright and Imposter Syndrome – How PowerShell Wednesday and live presentations have helped Brock gain confidence. The Power of Documentation and Knowledge Sharing – Why good documentation and teaching others are critical for long-term growth. Community Connection and Growth – How engaging with the PowerShell community can transform your career and personal development. Exploring PowerShell Tools and Projects – From using Pester for testing to building cool GUIs with MDGRS, Brock dives into the creative side of PowerShell. Learning from Failure and Embracing Red Text – Why mistakes are a critical part of the learning journey. Finding Your Voice in the PowerShell World – Brock's advice for building confidence, sharing your work, and making an impact. From caffeine-fueled coding sessions to discovering the power of collaboration, this episode is a heartfelt conversation about growth, mentorship, and building a career around PowerShell. Join the conversation: Connect with Brock Bingham on LinkedIn: https://www.linkedin.com/in/jonathanbrockbingham/ Connect with Brock on BlueSky: https://bsky.app/profile/brockbingham.bsky.social Connect with Andrew: https://andrewpla.tech/links Join PowerShell Wednesdays every Wednesday at 2 PM EST on discord.gg/pdq The PowerShell Podcast: https://pdq.com/the-powershell-podcast The PowerShell Podcast on YouTube: The PowerShell Podcast: https://pdq.com/the-powershell-podcast
In this episode of the PowerShell Podcast, we bring you a special double feature! We chat with Bogdan Calapod live from PDQ HQ, a seasoned security expert and co-founder of Coda, who reflects on his path from hackathon projects to helping organizations secure their environments. Then, we sit down with Lucas Allman live from the PowerShell + DevOps Global Summit, where he shares his journey from podcast listener to conference presenter. Key topics in this episode include: Finding Your Place in the PowerShell Community – How Lucas went from listening to the PowerShell Podcast to presenting at Summit. Overcoming Stage Fright and Imposter Syndrome – Lucas's experience giving his first lightning demo to a room full of PowerShell pros. The Power of Personal Growth and Knowledge Sharing – Building confidence, contributing to internal user groups, and advocating for automation. Building Security from the Ground Up – Bogdan's journey from hackathon developer to security co-founder, including the creation of Coda. Simplifying Security for the Real World – Lessons learned from building tools to automate vulnerability detection and remediation. Staying Curious and Always Learning – Why continuous education, knowledge sharing, and community engagement are essential for long-term success. This episode captures the spirit of learning, teaching, and growth that defines the PowerShell community. Whether you're a newcomer or a seasoned pro, this double feature has insights for everyone. Links: Connect with Lucas Allman on LinkedIn: https://www.linkedin.com/in/lucas-allman-407a1055/ Follow Bogdan on GitHub: https://github.com/bogdan-calapod Follow Andrew: https://andrewpla.tech/links Join PowerShell Wednesdays every Wednesday at 2 PM EST on discord.gg/pdq The PowerShell Podcast on YouTube: https://youtu.be/Jhxr2GB9-Mg
Today's tale of pentest pwnage is another great one! We talk about:
The SPNless RBCD attack (covered in more detail in this episode)
Importance of looking at all “branches” of outbound permissions that your user has in BloodHound
This devilishly effective MSOL-account-stealing PowerShell script (obfuscate it first!)
A personal update on my frustration with ringing in my ears
In this on-location episode recorded at the RSAC Conference, Sean Martin and Marco Ciappelli sit down once again with Rob Allen, Chief Product Officer at ThreatLocker, to unpack what Zero Trust really looks like in practice—and how organizations can actually get started without feeling buried by complexity.
Rather than focusing on theory or buzzwords, Rob lays out a clear path that begins with visibility. “You can't control what you can't see,” he explains. The first step toward Zero Trust is deploying lightweight agents that automatically build a view of the software running across your environment. From there, policies can be crafted to default-deny unknown applications, while still enabling legitimate business needs through controlled exceptions.
The Zero Trust Mindset: Assume Breach, Limit Access
Rob echoes the federal mandate definition of Zero Trust: assume a breach has already occurred and limit access to only what is needed. This assumption flips the defensive posture from reactive to proactive. It's not about waiting to detect bad behavior—it's about blocking the behavior before it starts.
The ThreatLocker approach stands out because it focuses on removing the traditional “heavy lift” often associated with Zero Trust implementations. Rob highlights how some organizations have spent years trying (and failing) to activate overly complex systems, only to end up stuck with unused tools and endless false positives. ThreatLocker's automation is designed to lower that barrier and get organizations to meaningful control faster.
Modern Threats, Simplified Defenses
As AI accelerates the creation of polymorphic malware and low-code attack scripts, Zero Trust offers a counterweight. Deny-by-default policies don't require knowing every new threat—just clear guardrails that prevent unauthorized activity, no matter how it's created. Whether it's PowerShell scripts exfiltrating data or AI-generated exploits, proactive controls make it harder for attackers to operate undetected.
This episode reframes Zero Trust from an overwhelming project into a series of achievable, common-sense steps. If you're ready to hear what it takes to stop chasing false positives and start building a safer, more controlled environment, this conversation is for you.
Learn more about ThreatLocker: https://itspm.ag/threatlocker-r974
Note: This story contains promotional content. Learn more.
Guest: Rob Allen, Chief Product Officer, ThreatLocker | https://www.linkedin.com/in/threatlockerrob/
Resources
Learn more and catch more stories from ThreatLocker: https://www.itspmagazine.com/directory/threatlocker
Learn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsac25
Keywords: sean martin, marco ciappelli, rob allen, zero trust, cybersecurity, visibility, access control, proactive defense, ai threats, policy automation, brand story, brand marketing, marketing podcast, brand story podcast
Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverage
Want to tell your Brand Story Briefing as part of our event coverage? Learn More
In this episode of the PowerShell Podcast, we sit down with Joshua Dearing, aka Fortress, to explore his personal and professional growth through PowerShell, community engagement, and saying yes to new opportunities. Fresh off his first PowerShell Wednesday presentation, Joshua shares the story of how he overcame imposter syndrome, started his blog, and found confidence by getting involved in the PowerShell community. Key topics in this episode include: Joshua's journey with PowerShell and the community What it was like presenting at PowerShell Wednesday for the first time Starting a blog using GitHub Pages, Jekyll, and PowerShell to sync with Obsidian Navigating imposter syndrome Building a culture of feedback and open communication in the workplace The impact of community, mentorship, and putting yourself out there Joshua also discusses the value of small wins, how to advocate for yourself professionally, and the importance of being visible, even when you automate away the work. From scripting with style using Spectre Console to leaning into vulnerability and reflection, this episode is a heartfelt conversation about growth, kindness, and collaboration. Join the conversation: Bio and Links: Josh is a help desk technician turned PowerShell enthusiast who transformed his career through automation—and he's on a mission to help others do the same. With a knack for simplifying software and device setups, he's all about making tech more accessible for end-users while fostering strong connections in the community. Leveraging PDQ products to streamline deployments and management, he's passionate about helping IT pros work smarter, not harder. 
Follow Joshua on LinkedIn: https://www.linkedin.com/in/joshuadearing/ Josh's BlueSky: https://bsky.app/profile/dearing.dev Check out his blog on GitHub Pages: https://www.dearing.dev/posts/Building-a-Website-with-GitHub-Pages/ PwshSpectreConsole: https://github.com/ShaunLawrie/PwshSpectreConsole View more PowerShell videos, including PowerShell Wednesdays, on the PDQ YouTube: https://www.youtube.com/@pdq Join PowerShell Wednesdays every Wednesday at 2 PM EST on https://discord.gg/pdq Andrew's video about WinUIShell: https://youtu.be/-aDWww5SWOs Connect with Andrew on LinkedIn: https://www.linkedin.com/in/andrewplatech/ The PowerShell Podcast: https://pdq.com/the-powershell-podcast
In this very special episode of the PowerShell Podcast, we sit down with two legends of the PowerShell world: Jeffrey Snover, the inventor of PowerShell, and Don Jones, bestselling author, teacher, and longtime PowerShell community builder. Recorded live at the PowerShell + DevOps Global Summit, this conversation is packed with personal insights, impactful moments, and the kind of storytelling that only Snover and Jones can deliver. Key topics in this episode include: The origin stories of PowerShell and how Jeffrey and Don's paths crossed at a pivotal moment. The evolution of PowerShell as a scripting language, community, and ecosystem. The importance of storytelling in tech, from teaching to team-building to leadership. The shift from individual contributor to leader and how both hosts navigated that path with intention. The power of community: real stories from users whose lives were changed by learning PowerShell. Career advice for the next generation of IT professionals and community contributors. Along the way, we hear hilarious stories from the early days of PowerShell development, honest reflections on growth and failure, and powerful reminders that vulnerability, repetition, and kindness are core to success in any career. Whether you're new to PowerShell or a long-time community member, this episode is a true masterclass in leadership, learning, and legacy. Bio and links: Jeffrey Snover is the inventor of PowerShell, Microsoft Technical Fellow, and a legendary figure in the IT and DevOps communities. With a background in distributed systems, Jeffrey led the development of PowerShell to revolutionize system management and automation on Windows. Known for his visionary leadership and storytelling, Jeffrey has played a pivotal role in shaping modern IT practices. His work continues to inspire technologists around the world to build, share, and lead with intention and clarity. 
Don Jones is a bestselling author, speaker, educator, and one of the most influential figures in the PowerShell community. With decades of experience in IT, Don has written numerous foundational books on PowerShell, including Learn Windows PowerShell in a Month of Lunches. He co-founded the PowerShell + DevOps Global Summit and has mentored countless professionals through his teaching, writing, and leadership. Don is a passionate advocate for storytelling in tech, career development, and building inclusive communities that empower the next generation. https://www.linkedin.com/in/jeffreysnover/ https://www.linkedin.com/in/concentrateddon/ https://www.linkedin.com/in/andrewplatech/ https://www.powershellsummit.org/ The PowerShell Podcast: https://pdq.com/the-powershell-podcast The PowerShell Podcast on YouTube: https://youtu.be/ooyO8GsHVTs
In this episode of the PowerShell Podcast, we bring you another Summit Sessions special recorded live at the PowerShell + DevOps Global Summit 2025! This episode is a celebration of first-time attendees, newcomers to the PowerShell community, and those discovering their voice in tech. Andrew Pla sits down with passionate IT professionals who share their personal stories of growth, connection, and finding purpose through PowerShell and community. Whether you're just starting your automation journey or you're looking to reconnect with your "why," this episode is packed with inspiration, encouragement, and honest reflections on what it means to grow in public, contribute meaningfully, and be part of something bigger. Guests in this episode include: Adam Rivera – An IT manager turned PowerShell enthusiast, Adam shares his Summit experience, the joy of hands-on learning, and why he wants to empower his users with automation. His journey from podcast listener to Summit participant shows the real impact of showing up and taking a chance on growth. Asmar Fontenot – First-time Summit attendee who speaks passionately about soft skills, mentorship, and embracing a "jack of all trades" background. Asmar reflects on his career, the power of face-to-face connection, and why helping others and being authentic are his driving forces in tech. https://www.linkedin.com/in/asmar-fontenot/ Luis Orta – A cloud systems engineer serving rural health clinics across the Pacific Northwest, Luis brings a powerful sense of mission and purpose to his work. He shares how PowerShell helps enable critical care for underserved communities, and how creativity, through music and code, fuels meaningful progress. https://www.linkedin.com/in/luisrorta/ Links: https://www.linkedin.com/in/andrewplatech/ The PowerShell Podcast: https://pdq.com/the-powershell-podcast The PowerShell Podcast on YouTube: https://youtu.be/ChItOJcsf48
LevelBlue's latest Threat Trends Report pulls no punches: phishing, malware, and ransomware attacks are not just continuing—they're accelerating. In this episode of ITSPmagazine's Brand Story podcast, hosts Sean Martin and Marco Ciappelli are joined by Kenneth Ng, a threat hunter and lead incident responder on LevelBlue's Managed Detection and Response (MDR) team, to unpack the findings and recommendations from the report.
Phishing as a Service and the Surge in Email Compromises
One of the most alarming trends highlighted by Kenneth is the widespread availability of Phishing-as-a-Service (PhaaS) kits, including names like RaccoonO365, Mamba 2FA, and Greatness. These kits allow attackers with little to no technical skill to launch sophisticated campaigns that bypass multi-factor authentication (MFA) by hijacking session tokens. With phishing attacks now leading to full enterprise compromises, often through seemingly innocuous Microsoft 365 access, the threat is more serious than ever.
Malware Is Smarter, Simpler—and It's Spreading Fast
Malware, particularly fake browser updates and credential stealers like Lumma Stealer, is also seeing a rise in usage. Kenneth points out the troubling trend of malware campaigns that rely on basic user interactions—like copying and pasting text—leading to full compromise through PowerShell or command prompt access. Basic group policy configurations (like blocking script execution for non-admin users) are still underutilized defenses.
Ransomware: Faster and More Automated Than Ever
The speed of ransomware attacks has increased dramatically. Kenneth shares real-world examples where attackers go from initial access to full domain control in under an hour—sometimes in as little as ten minutes—thanks to automation, remote access tools, and credential harvesting. This rapid escalation leaves defenders with very little room to respond unless robust detection and prevention measures are in place ahead of time.
Why This Report Matters
Rather than presenting raw data, LevelBlue focuses on actionable insights. Each major finding comes with recommendations that can be implemented regardless of company size or maturity level. The report is a resource not just for LevelBlue customers, but for any organization looking to strengthen its defenses.
Be sure to check out the full conversation and grab the first edition of the Threat Trends Report ahead of LevelBlue's next release this August—and stay tuned for their updated Futures Report launching at RSA Conference on April 28.
Learn more about LevelBlue: https://itspm.ag/levelblue266f6c
Note: This story contains promotional content. Learn more.
Guest: Kenneth Ng, threat hunter and lead incident responder on LevelBlue's Managed Detection and Response (MDR) team | On LinkedIn: https://www.linkedin.com/in/ngkencyber/
Resources
Download the LevelBlue Threat Trends Report | Edition One: https://itspm.ag/levelbyqdp
Learn more and catch more stories from LevelBlue: https://www.itspmagazine.com/directory/levelblue
Learn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programs
Newsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/
Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-up
Are you interested in telling your story? https://www.itspmagazine.com/telling-your-story
Are some of your team members starting to hate PowerShell? Richard talks to Barbara Forbes about her experiences with teams frustrated by PowerShell. Barbara talks about overcomplicating PowerShell scripts—the kind the most senior folks can create but no one else can maintain. Eventually, nobody will want to touch those scripts. Then there is the question of business value—does everything need to be automated? And by how much? Often, the appropriate solution solves 80% of the cases; the other 20% are best done by hand because the cost and complexity of the last 20% are too high. Focus on the return on investment for the business, and you'll keep the love of PowerShell alive!
Links: PowerShell, Pester Testing, GitHub Copilot, Bicep
Recorded February 24, 2025
In this episode of the PowerShell Podcast, we bring you a special edition live from the PowerShell + DevOps Global Summit 2025 — the Summit Sessions! This episode is packed with energy, community stories, and career inspiration as Andrew Pla chats with community leaders, organizers, and first-time contributors about what makes this event and the PowerShell community so special. Guests in this episode include: Missy Januszko – Longtime content director of the Summit reflects on her years of shaping the conference, what makes a great CFP (Call for Papers), and her decision to pass the torch to the next generation of leaders. Leslie Brendible – Steps up in a big way to help lead this year's Summit, sharing her background in event planning, her love for connecting people, and her thoughts on community and representation. Haley Phillips – PowerShell MVP and champion of soft skills, vulnerability, and personal development in tech. Haley dives into mentorship, therapy, imposter syndrome, and how modeling behavior can shape the culture of teams and communities. The PowerShell Podcast on YouTube: https://youtu.be/87axet9zvyQ The PowerShell Podcast: https://pdq.com/the-powershell-podcast
In this casual bar-session chat recorded at the PowerShell + DevOps Global Summit 2025, host Andrew Pla sits down with David R, a first-time attendee with a passion for learning PowerShell. David shares how the PowerShell Podcast itself inspired him to attend and helped shape his scripting journey. What began as a work assignment turned into a powerful learning path, community connection, and a personal transformation.
In this episode of the PowerShell Summit 2025 Bar Sessions, Frank Lesniak makes a triumphant return to the podcast. Frank has taken the reins. In this two-sided interview, Frank flips the script and interviews Andrew, but only after we talk about how his week is going, fine dining, how to grow in your career and capitalize on opportunity, the value of empowering others, and more! Links: The PowerShell Podcast: https://pdq.com/the-powershell-podcast The PowerShell Podcast on YouTube: https://youtu.be/HoYKzgiJxkk
In this episode of the PowerShell Summit Bar Sessions we talk with Steven Judd. We talk about Summit, Sean Kearney Spirit award, community, career, and more! Steven Judd is a 25+ year IT Pro Links: Get more updates from Summit from LinkedIn: https://www.linkedin.com/in/andrewplatech/ https://blog.stevenjudd.com/My-Content-List/ https://www.linkedin.com/in/stevenjudd/ https://www.powershellsummit.org/ https://mvp.stevenjudd.com https://mydemoswork.com https://store.stevenjudd.com all proceeds go towards buying more swag to give away (he has a lot, trust me) PowerShell Podcast on YouTube: https://youtu.be/6WTIsOnT5PU The PowerShell Podcast: https://pdq.com/the-powershell-podcast
In this episode of the PowerShell Podcast, we're joined by the legendary Jeff Hicks, PowerShell educator, author, speaker, and community pillar. With decades of experience shaping the PowerShell landscape, Jeff returns to the podcast to share insights from his latest projects, discuss the evolution of the community, and offer wisdom for both new and experienced PowerShell users. From PowerShell Summit to writing foundational books and building up new contributors, Jeff continues to play a critical role in shaping the PowerShell ecosystem. Key topics in this episode include: The human side of scripting – Writing PowerShell that is usable, flexible, and considerate of others' needs. Behind the PowerShell Pipeline – Jeff's new LeanPub book exploring deeper PowerShell principles. Fundamental PowerShell commands – Get-Help, Get-Command, Get-Member, and why every PowerShell user should master them. How to troubleshoot PowerShell like a pro – Why starting simple, verbose logging, and clear design make all the difference. Reflections on PowerShell Summit – The importance of community, hallway conversations, and building the next wave of contributors. Teaching as a path to mastery – Why giving back through mentorship, writing, and speaking strengthens both your skills and the community. Jeff also shares his advice for nervous first-time speakers and attendees, and why being kind is one of the most impactful things you can do - both in and outside of tech. Bio and Links: Jeffery Hicks is an IT Pro veteran with 35 years of experience, much of it spent as an IT infrastructure professional specializing in Microsoft server technologies with an emphasis on automation and efficiency. He has been a Microsoft MVP since 2007 for his work in PowerShell. Jeff is a respected and well-known author, teacher, and consultant. He has taught or presented PowerShell content and the benefits of automation to IT Pros worldwide since its inception. 
He has authored, co-authored, and edited several books, contributed to numerous online sites, and, back when it was still a thing, several print publications. Jeff is a Pluralsight author and a frequent speaker at technology conferences and user groups. Check out all of Jeff's links and follow him here: https://jdhitsolutions.github.io/ Check out his book Behind the PowerShell Pipeline on LeanPub: https://leanpub.com/behind-the-pspipeline Join PowerShell Wednesdays at 2 PM EST on discord.gg/pdq Connect with Andrew on LinkedIn and share your PowerShell story: https://www.linkedin.com/in/andrewplatech/ The PowerShell Podcast: https://pdq.com/the-powershell-podcast The PowerShell Podcast on YouTube: https://youtu.be/cdtxSI8Tq3E
In this episode of the PowerShell Podcast, we reconnect with Jess Pomfret, a PowerShell and SQL Server powerhouse, LinkedIn Learning instructor, and community advocate. From her early days in England to becoming a respected speaker and consultant, Jess shares her journey into tech, her passion for automation, and the importance of mentorship, curiosity, and community. Key topics in this episode include: Jess's transition from footballer to DBA – How a soccer scholarship led her to a tech career in the U.S. The power of PowerShell and DBA Tools – How Jess leverages PowerShell to automate SQL Server tasks and save time. Finding a community in SQL and PowerShell – Jess reflects on how welcoming both communities are and the impact they've had on her career. Career growth through speaking and mentoring – Encouraging others to speak, contribute, and grow through conferences and collaboration. Working with Data Masterminds – The benefits of working in a high-level consulting team and tips for managing multiple clients and context switching. LinkedIn Learning and teaching at scale – Behind the scenes of her professional training content and what it's like filming for LinkedIn Learning. Jess also shares her favorite DBA Tools command, productivity tips for conferences, and the story behind her podcast Finding Data Friends, which highlights voices in the data world. Bio and links: Jess Pomfret is a Data Platform Engineer and a Dual Microsoft MVP. She started working with SQL Server in 2011, and enjoys the problem-solving aspects of automating processes with PowerShell. She also enjoys contributing to dbatools and dbachecks, two open source PowerShell modules that aid DBAs with automating the management of SQL Server instances. She has also contributed to the SqlServerDsc module, adding several new resources to use when configuring your SQL Servers. She grew up in the South West of England and outside of her DBA life enjoys Crossfit, cycling and watching proper football. 
Connect with Jess on LinkedIn: https://www.linkedin.com/in/jpomfret and Bluesky: https://bsky.app/profile/jpomfret.co.uk Watch Finding Data Friends on YouTube: https://www.youtube.com/@findingdatafriends/videos Check out her LinkedIn Learning courses: https://www.linkedin.com/learning/instructors/jess-pomfret Explore DBA Tools at dbatools.io Join PowerShell Wednesdays at 2 PM EST on https://discord.gg/pdq The PowerShell Podcast: https://pdq.com/the-powershell-podcast The PowerShell Podcast on YouTube: https://youtu.be/L4zABO526bM