- This event has passed.
October ISSA Fort Worth Chapter Meeting
October 13, 2020 @ 4:30 PM - 5:30 PMFree
Topic: Monitoring PowerShell – Differentiating adversaries from admins
PowerShell is a ubiquitous and dynamic command-line shell and scripting language that’s as popular among administrators as it is among adversaries. While their objectives vary wildly, these two groups rely on many of the same features, making it difficult to distinguish malicious PowerShell activity from legitimate. In this talk, Shane Welcher, a detection engineer at Red Canary and former system administrator, will offer advice on how security teams can better observe, detect, and differentiate between benign and bad PowerShell.
Date: October 13, 2020
Time: 4:30 – 5:30 PM
Google Meet: meet.google.com/nvk-ataq-fua
Speaker: Shane Welcher
Shane has a wide range of security experience: data analysis, forensics, debugging malware, penetration testing, and network and system administration. He is passionate about open source projects and was the highest community contributor to the Atomic Red Team GitHub project before joining Red Canary. In his free time, Shane enjoys studying different approaches to exploiting networks and applications, assisting others with open-source SIEM solutions, and traveling.