Utilizing the Tanium PowerShell Security Content

PowerShell is a legitimate management tool used by Windows system administrators. It has become common for attackers to create fileless malware using PowerShell to avoid detection. Tanium has PowerShell Security content that can be used to strengthen intelligence related to PowerShell usage. For a large enterprise, it's important to manage the implementation of this content carefully and automatically adjust if needed. This presentation will cover issues that may be encountered during implementation. It will provide a solution by using custom tagging along with additional scheduled actions and saved questions to lessen the impact of any issues.

Additional details:

Session Tag
Tanium Platform, Risk & Compliance Management, Sensitive Data Monitoring, Threat Hunting
Session Type
In-Person, Breakout