Meeting Register Page

Meeting banner
Powershell JEA - Sponsored by Red Canary
The ISSA Central Maryland chapter appreciates sponsorship of this month's meeting by Red Canary. We are also happy to be partnering with the National Capital and NOVA ISSA Chapters

Abstract - PowerShell Just Enough Administration (JEA) allows us Systems Administrators to empower our fellow admins, developers, and security personal to accomplish what they need to on our systems. Give them just enough administrative permissions to accomplish their duties without interrupting your day or night. This talk shows how to assign roles and give the appropriate permissions to those roles.

The presentation will start off with a little bit of JEA background and what problem it solves. We will discuss what planning and considerations are involved with implementing JEA. We will discuss the different resource files needed and how to create them. We will talk about how granular or liberal we can get with creating our rules. We will look at an example of the various resource files then create our own. I will show the commands need to enable JEA. We will do a walkthrough of setting up JEA, creating our files and enabling JEA, and demo how you can give a developer elevated permission on certain PowerShell commands. I will show how you can assign a group of commands with wild cards like get-IIS and specific commands like stopping a specific service with specific arguments and switches. We will have to talk about where the audience can get some more in-depth training on this subject, there is no way to learn it in an hour.

Bio - A hardworking and dedicated cybersecurity professional who enjoys scripting and participating in capture the flags. I have served over 20 years in the military in various technical and leadership positions. In my current assignment, I am part of a Cyber Protection Team and serve as the Microsoft Windows Expert. See James full bio at https://honeycuttjames.wixsite.com/mysite/about

Dec 16, 2020 05:00 PM in Eastern Time (US and Canada)

Loading
* Required information