Topics include analyzing your scripts for code injection, configuring DSC with SQL, presentations from PSConfAsia, and more…
Intertubes scoured for content by Brett Bunker, Robin Dadswell, and Mark Roloff.
by Mike Kanakos on October 27th
Digging into the security considerations surrounding PowerShell remoting can be a bit daunting. Fortunate for the rest of us, Mike was recently tasked with defining PowerShell’s security posture in his organization and has written about his findings in this blog post. This is a great place to dive in for anyone looking to learn about it.
by Emin Atac on October 30th
Malicious code injection probably isn’t something many of us think about often, but we probably should. The InjectionHunter module can help you spot these in your scripts, but only if you pass them in as a ScriptBlockAst. Emin wanted something more accessible. This is a pretty cool write up about how Emin wrote a function to extend the inputs for this module, making it easier to analyze your code for these particular issues.
by Mike Robbins on November 1st
Mike is up to the fourth part in his series on PowerShell’s AST. In this post, he pulls together knowledge from the previous three to build an advanced function which can pull in code from a variety of sources and output an AST from it.
by Ben Gelens on November 1st
Windows Server is introducing the capability for a SQL-backed DSC pull server, and Ben has been working on a series to explore that. In his third post, he dives into configuring an Azure SQL instance, setting up the pull server, and registering a node. All with PowerShell!
by Daler Sayfiddinov on November 2nd
Here’s an interesting way to store and distribute your scripts internally. Daler shows us how to use a SharePoint list as a backend repository with PowerApps acting as a frontend. Search, filtering, and the ability to submit new scripts all built-in.
/u/WhatTheHomePod just wants to spread a little love and appreciation by thanking /r/PowerShell for being such an awesome community that helped them to get started learning this great tool.
If cloud security is part of your jam, Azure ATP can now help you monitor for remote PowerShell execution.
At this year’s PSConfAsia, Steve Lee gave a great presentation that shows off some of the great cross-platform features that he and his team have brought to PS Core.