powershell

Ever wonder how a young girl with an intense fascination for programming and computers catapults into the world of IT, becoming a crucial part of Microsoft's security research team? Let's navigate this riveting journey with Miriam, who shares her personal experiences of making her way into the IT realm via an unanticipated apprenticeship that turned her life around. From her childhood passion to her current role in the industry, we delve into her remarkable story.

Miriam's tale is one of determination and grit, with her unwavering perseverance finally landing her a position at Microsoft - an opportunity she initially turned down. Learn how a chance conversation swayed her to embrace this offer and how she finally achieved her ambition of joining Microsoft's red team. Here's a glimpse into her daily life, the challenges she tackled while relocating, and the company's evolution amidst the pandemic.

Apart from her inspiring journey, this episode brings into focus the significance of professional networking, with Miriam sharing how it can impact both the company and the customers positively. She also takes us through her experience of writing a book on PowerShell automation and scripting for cybersecurity, shedding light on the challenges she faced in the process. As a bonus, find out how you can benefit from her ongoing efforts to promote Cybersecurity Awareness Month, and grab a chance to get a 20% discount on her book! So, sit back, tune in, and get ready to be inspired.

LinkedIn: https://www.linkedin.com/in/miriamwiesner/
Website: https://miriamxyra.com/
Twitter: https://twitter.com/MiriamXyra
Mastodon: @mw@infosec.exchange

Book: https://www.amazon.com/gp/product/1800566379/ref=sw_img_1?smid=ATVPDKIKX0DER&psc=1
Packt Link: https://www.packtpub.com/product/powershell-automation-and-scripting-for-cybersecurity/9781800566378
Book Discount Code: 20cyberbooks

Affiliate Links:
NordVPN: https://go.nordvpn.net/aff_c?offer_id=15&aff_id=87753&url_id=902

Follow the Podcast on Social Media!
Instagram: https://www.instagram.com/secunfpodcast/
Twitter: https://twitter.com/SecUnfPodcast
Patreon: https://www.patreon.com/SecurityUnfilteredPodcast
YouTube: https://www.youtube.com/@securityunfilteredpodcast
TikTok: Not today China! Not today

Is your Exchange server one of the vulnerable ones? Richard talks to Gareth Gudger about the ongoing security concerns around on-premises Exchange servers. The conversation addresses a blog post by the Exchange server team about restricting access of potentially vulnerable Exchange servers to Exchange Online. But, as Gareth explains, this has to do with hybrid Exchange, where your on-premises server can access Exchange Online in a privileged state. What is the right thing to do to limit exploits in Exchange? Keeping up with the latest versions, patching, and ultimately maintaining your entire infrastructure, especially Active Directory - all play a role in securing on-premises infrastructure. Stay vigilant!

Links:

• Blocking Email from Vulnerable Exchange Servers
• Tony Redmond's Comment on the Blog Post
• Deprecation of Remote PowerShell
• Re-enabling or Extending RPS
• Exchange Online PowerShell v3
• Exchange Server 2013 End of Support
• Turning off your Last Exchange Server
• Office 365 for IT Pros

Recorded April 4, 2023

Guest: Sheldon Carmichael, Information Security Architect

On LinkedIn | https://www.linkedin.com/in/sheldoncarmichael/

On Twitter | https://twitter.com/Poppa_Shell

Host: Phillip Wylie

On ITSPmagazine  👉 https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/phillip-wylie

______________________

Episode Sponsors

Are you interested in sponsoring an ITSPmagazine Channel?
👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network

______________________

Episode Introduction

Sheldon discusses various self-learning resources and believes anyone can learn cybersecurity through dedication and passion. He shares his experiences with hacking Wi-Fi and improving password policies, emphasizing the importance of networking and continued learning. Sheldon also addresses whether coding is necessary for a career in cybersecurity, stating that while it is not required, it can be helpful to learn scripting languages like PowerShell or Python. He encourages people to contact him for advice or mentorship.

______________________

Resources

______________________

For more podcast stories from The Hacker Factory with Phillip Wylie, visit: https://www.itspmagazine.com/the-hacker-factory-podcast

Guest: Sheldon Carmichael, Information Security Architect

On LinkedIn | https://www.linkedin.com/in/sheldoncarmichael/

On Twitter | https://twitter.com/Poppa_Shell

Host: Phillip Wylie

On ITSPmagazine  👉 https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/phillip-wylie

______________________

Episode Sponsors

Are you interested in sponsoring an ITSPmagazine Channel?
👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network

______________________

Episode Introduction

Sheldon discusses various self-learning resources and believes anyone can learn cybersecurity through dedication and passion. He shares his experiences with hacking Wi-Fi and improving password policies, emphasizing the importance of networking and continued learning. Sheldon also addresses whether coding is necessary for a career in cybersecurity, stating that while it is not required, it can be helpful to learn scripting languages like PowerShell or Python. He encourages people to contact him for advice or mentorship.

______________________

Resources

______________________

For more podcast stories from The Hacker Factory with Phillip Wylie, visit: https://www.itspmagazine.com/the-hacker-factory-podcast

How about a free suite of over 500 tools for SQL Server best practices, administration, development, and migration? Richard talks to Rob Sewell about the ever-growing dbatools PowerShell module. While its origins are in migrating SQL Server databases from one environment (and version) to another, the range of capabilities is extensive. Rob talks about the power of repeatability when attempting to do these potentially complex tasks - which is best served by scripting. But why write the scripts when they already exist? The conversation also digs into learning as a DBA, including getting involved with conferences like SQLBits!

Links:

• dbatools
• dbachecks
• dbatools on PowerShell Gallery
• SQL Server Management Objects
• dbatools in a month of lunches
• RunAs at SQL Bits!

Recorded January 10, 2023

What can Chocolatey do for you? Richard talks to Gary Ewan Park about the latest version of Chocolatey, including Chocolatey for Business. Originally a free, open-source product for application management primarily targeted at software developers, Chocolatey has evolved into a modern software automation product for managing software deployment on workstations and servers. Gary talks about keeping deployments self-contained and straightforward - use the Internet if you want to, but you can also do all deployments from a local package manager as well. With self-service and central management tools, you should look at the latest version of Chocolatey for Business!

Links:

• Chocolatey
• Chocolatey for Business
• Puppet
• Chef
• Boxstarter
• Chocolatey Community Repository
• Windows Autopilot

Recording February 17, 2022

How does Microsoft Viva work alongside your Intranet? Richard talks to Tracy van der Schyff about her recent projects integrating Viva into existing intranet infrastructures. Tracy explains that Viva, specifically Viva Connections, does not change your Intranet but does assist in organizing access to various aspects of your Intranet with dashboards and the SharePoint App Bar. This leads to a conversation about managing both curation and customization of views of an organization to its employees. A single view doesn't work for everyone, and uncontrolled customization leads to chaos - where is the balance? The new tools in Viva can help!

Links:

• Microsoft Viva
• Viva Connections
• Viva Learning
• SharePoint App Bar
• Microsoft Yammer
• Microsoft Viva in Docs
• Microsoft Viva Essential Training
• Microsoft Viva Roadmap
• Microsoft Viva Blog
• Microsoft Viva at Ignite
• Tracy's Blog

Recorded January 17, 2022

• Part 1: Cover Reinvent 2021 announcements
• Part2: Talk about getting started:
  • AWS Free Tier
  • AWS Academy (for students)
  • AWS Sagemaker Studio Lab
• Part 3: Cloud development environments
  • AWS Cloudshell Can run Bash, ZSH or Powershell
  • AWS Cloud9 Supports many languages including Python and C#
• Notes on Episode 2

If you enjoyed this video, here are additional resources to look at:

Coursera + Duke Specialization: Building Cloud Computing Solutions at Scale Specialization: https://www.coursera.org/specializations/building-cloud-computing-solutions-at-scale

Python, Bash, and SQL Essentials for Data Engineering Specialization: https://www.coursera.org/specializations/python-bash-sql-data-engineering-duke

O'Reilly Book: Practical MLOps: https://www.amazon.com/Practical-MLOps-Operationalizing-Machine-Learning/dp/1098103017

O'Reilly Book: Python for DevOps: https://www.amazon.com/gp/product/B082P97LDW/

Pragmatic AI: An Introduction to Cloud-based Machine Learning: https://www.amazon.com/gp/product/B07FB8F8QP/

Pragmatic AI Labs Book: Python Command-Line Tools: https://www.amazon.com/gp/product/B0855FSFYZ

Pragmatic AI Labs Book: Cloud Computing for Data Analysis: https://www.amazon.com/gp/product/B0992BN7W8

Pragmatic AI Book: Minimal Python: https://www.amazon.com/gp/product/B0855NSRR7

Pragmatic AI Book: Testing in Python: https://www.amazon.com/gp/product/B0855NSRR7

Subscribe to Pragmatic AI Labs YouTube Channel: https://www.youtube.com/channel/UCNDfiL0D1LUeKWAkRE1xO5Q

View content on noahgift.com: https://noahgift.com/

View content on Pragmatic AI Labs Website: https://paiml.com/

Check out all a Master's degree worth of courses on Coursera on topics ranging from Cloud Computing to Rust to LLMs and Generative AI: https://www.coursera.org/instructor/noahgift.

What's the right way to have virtual desktops in the cloud? Richard talks to Aidan Finn about a virtualization project he was involved with that started with Citrix Cloud, which runs in Azure. Aidan talks about the number of virtual machines involved in a large-scale VDI implementation, many of which are infrastructure and plumbing. Why own the plumbing when you can get it as a service? The conversation then digs into Azure Virtual Desktop, which doesn't have all the bells and whistles of Citrix Cloud, but does simplify implementation a great deal. No virtualization implementation is ever simple, but working at the platform level can make it easier!

Links:

• Citrix Cloud
• Remote Desktop Services
• Azure Virtual Desktop
• Packer
• Azure Monitor
• Azure VM Image Builder
• MSIX

Recorded September 9, 2021

In this episode we talk about key skills every SOC analyst should have and we talk about common areas or pitfalls some fall into and how to navigate through them. We hope you enjoy this episode as we had a blast recording it. 

Follow the Podcast on Social Media! Links Below 
Instagram: https://www.instagram.com/secunfpodcast/
Twitter: https://twitter.com/SecUnfPodcast
Patreon: Coming Soon!

Affiliate Links:
NordVPN: https://go.nordvpn.net/aff_c?offer_id=15&aff_id=87753&url_id=902

Follow the Podcast on Social Media!
Instagram: https://www.instagram.com/secunfpodcast/
Twitter: https://twitter.com/SecUnfPodcast
Patreon: https://www.patreon.com/SecurityUnfilteredPodcast
YouTube: https://www.youtube.com/@securityunfilteredpodcast
TikTok: Not today China! Not today

Secrets Management ships for PowerShell! Richard chats with Sydney Smith who is the product manager for Secrets Management about how this PowerShell extension helps you access and manage multiple key stores in your organization and provides secrets for your PowerShell scripts. Sydney talks about how the development process of Secrets Management was done out in the open, on GitHub, with lots of feedback from the community. It works with multiple key stores, including its own, and leaves room for you to provide very granular security to your secrets - take a look!

Links:

• PowerShell Gallery
• Azure Key Vault
• KeePass
• AWS Key Management Service
• Windows CredMan
• PowerShell SecretStore on GitHub
• PowerShell SecretManagement on GitHub

It's 2021 - does PowerShell really need any new features? Jason Helmick says yes! Richard and Jason talk about Jason's move to Microsoft into the PowerShell team and the cool new things coming down the pipeline. First up is Secrets Management, providing a great means to avoid putting passwords in scripts and to be able to utilize secure accounts without ever knowing the secrets in the first place. Jason also explores IntelliSense and IntelliCode with PowerShell and how new AI technologies can make your PowerShell coding experience even better. Finally, Crescendo - tooling to make it easier to wrap native command line tools with PowerShell. 2021 looks to be a great year for PowerShell!

Links:

• Secrets Management Module
• IntelliCode
• Visual Studio Code
• PowerShell Crescendo
• Crescendo on GitHub

Ransomware attacks are a disaster! Can your disaster recovery strategy cope? Richard talks to Dave Kawula about his experiences battling ransomware attacks - and how failed backup strategies facilitate the bad guys getting paid. Dave talks about securing your backups with separate credentials - the ransomware folks count on getting all-powerful administrator accounts! When you granularize your security (call it Just Enough Admin) you make it harder for ransomware to succeed. Get smarter about protecting your backups!

Links:

• Azure Storage Blobs
• Azure Key Vault
• Azure Backup and Disaster Recovery
• Azure Site Recovery
• Cybersecurity Insurance

Recorded 1/20/20 - Powershell is a frequent flyer in security headlines - a powerful and oft wielded tool for attackers and defenders alike. This ep takes a look at Powershell and how to help ensure its security posture as an effective management tool. We also look at the missing-the-forrest-for-the-trees concept of behind being concerned about the latest shiny ATP before all else.Full show notes on the Talos blog