Skip to main content

Windows PowerShell Security

Windows PowerShell is a task-based command-line shell or user interface that allows for task automation to manage operating systems and processes. This tool is increasingly used by malicious actors to gain control of systems once they infiltrate an organization’s network. Based on this trend, we advise system administrators to implement appropriate mitigation controls using a multi-layered approach that reduces the risk of this happening in your IT environment. These measures include implementing the principle of least privilege to limit unauthorized use. In addition, we urge system administrators to review the detailed guidance from Microsoft on how to configure PowerShell Security here.