PowerShell doesn't solve the underlying security problem
11
PowerShell is a management engine
12
You block PowerShell
13
Lua scripting language
14
Three stages in security
15
PowerShell security
16
Just enough administration
17
DNS administration
18
Administration
19
Gaea
20
Local Sandboxing
21
Security Exposure
22
PowerShell Security Transparency
23
Configuration
24
Module Pipeline Logging
25
System Transcripting
26
Script Block Logging
27
Invoke Obfuscation
28
Invoke Expression
29
Antimalware
30
Protected Event Logging
31
Useful PowerShell Events
32
PowerShell Scripts
33
Abstract Syntax Trees
34
Device Guard Application Whitelisting
35
Raid Number
36
Fake Face
Description:
Explore defensive strategies against PowerShell attacks in this 40-minute conference talk from Derbycon 7. Delve into topics such as VBA, Win32 API, post-exploitation frameworks, and the MITRE Framework. Learn why PowerShell is commonly used and examine the challenges of blocking it. Discover PowerShell's role as a management engine and its security features, including Just Enough Administration, local sandboxing, and security transparency. Investigate advanced security measures such as configuration, module pipeline logging, system transcripting, and script block logging. Analyze techniques such as Invoke-Obfuscation and Invoke-Expression, and explore antimalware solutions, protected event logging, and useful PowerShell events. Gain insights into PowerShell scripts, abstract syntax trees, and Device Guard application whitelisting to enhance your organization's security posture against PowerShell-based threats.