Contact Us
0 Results Found
              Back To Results
                Close Contact Us

                The PowerShell Risk

                Understanding and avoiding PowerShell attacks

                Speaker: Lee Lawson, Special Operation Resercher, Secureworks Counter Threat Unit
                Recorded: June 20, 2017
                Duration: 60 Mins

                What you will learn:

                • What PowerShell is and how it is used in “living off the land” attacks
                • Why built-in tools like PowerShell are so attractive to threat actors
                • Examples of malicious PowerShell use
                • How to defend your organization against common methods to evade prevention and detection

                In a recent Secureworks engagement, 98.5% of the 3,477 commands executed by threat actors were native to the Windows operating system.

                PowerShell is a popular tool that Microsoft has been including with the Windows OS since 2009, but malicious PowerShell use is rivaling ransomware in popularity with threat actors. Security products focused on preventing endpoint threats are often not enough to differentiate legitimate from malicious PowerShell use. Join us for a discussion of why PowerShell is so risky, how Secureworks researchers identify PowerShell threats, and how you can defend your organization.

                View Your On-Demand Webcast

                All fields are required.
                Watch Now

                We generate around 2 billion events each month. With Secureworks, we are able to crunch down that number to 20-30 high fidelity alerts — and that makes my team's job much easier.
                Sunil Saale, Head of Cyber and Information Security, Minter Ellison
                Red Cloak™ Threat Detection and Response isn’t just the next generation of SIEM, it’s an evolution.
                David Levine, CISO, Ricoh Group

                Why Secureworks?

                Secureworks (NASDAQ: SCWX) a global cybersecurity leader, enables our customers and partners to outpace and outmaneuver adversaries with more precision, so they can rapidly adapt and respond to market forces to meet their business needs. With a unique combination of cloud-native, SaaS security platform and intelligence-driven security solutions, informed by 20+ years of threat intelligence and research, no other security platform is grounded and informed with this much real-world experience.