Truth in IT
    • Sign In
    • Register
        • Videos
        • Channels
        • Pages
        • Galleries
        • News
        • Events
        • All
Truth in IT Truth in IT
  • Data Management ▼
    • Converged Infrastructure
    • DevOps
    • Networking
    • Storage
    • Virtualization
  • Cybersecurity ▼
    • Application Security
    • Backup & Recovery
    • Data Security
    • Identity & Access Management (IAM)
    • Zero Trust
    • Compliance & GRC
    • Endpoint Security
  • Cloud ▼
    • Hybrid Cloud
    • Private Cloud
    • Public Cloud
  • Webinar Library
  • TiPs
  • DRAW

Essential PowerShell Resources & Security Tools for Sysadmins

PDQ
06/14/2026
0 (0%)
Share
  • Comments
  • Download
  • Transcript
Report Like Favorite
  • Share/Embed
  • Email
Link
Embed

Transcript


You know, it's a PowerShell year. A lot of people have been learning it. And this week I wanted to give people some fantastic resources. And I said, let's hit them with a double whammy, two times slammy. And I did the blog as well. So there's actually a blog on this very topic with all the links we're going to look at today. We can check out some of my favorite resources. Some of them are new. Some of them are old. Some of them are a little bit off the beaten path. And honestly, there's a lot of really cool security ones that I want to talk about a lot. We'll start at the top. People know this already. They've been watching our stuff for a while. Windows Terminal, incredibly helpful. If you're on Windows, you probably already have it, but make sure you're using that. VS Code, PowerShell, we've done episodes on that. And PowerShell 7. PowerShell 7 is the latest and greatest. A lot of things are going to require you to have that. If you're a super noob and you're rocking Windows PowerShell and the ISE, there's nothing wrong with that. But I'm trying to set you up for success, not for, you know, living in yesteryear. No. Yesteryear. Yesteryear. Let's click on that top one, though. Getting started with PowerShell, the Jumpstart series, because this is like an oldie but goldie. This, yeah, PowerShell 3.0, very old. Scroll down, let's see if we can get some photos. If there's any, yeah, look, look at that. Can you imagine? Man, I'd love to see that. Wow, 2013. Yes, but it's still actually relevant and good, and it's gonna get you the fundamentals. The fundamentals haven't changed. The language is still, like, generally the same. So check that out if you want a little taste of the olden days. I'd be remiss if I didn't tell them about all the great work we do here at PDQ. First of all, we have a blog such as this. We have PowerShell Wednesday, which we do every single Wednesday. We have a PowerShell livestream where we'll cover beginner topics, advanced topics, some of the security tools you'll see on here. Today we do. There's some great channels, PowerShell Conference Europe, PowerShell.org. Those are the two biggest PowerShell conferences, and pretty much all the talks are published on YouTube. So if you're not able to go to conferences, you live in, like, a random country, and you can't make travel, well, you can still learn from a lot of the top minds on the latest and greatest, which isn't always included in AI. Like, AI isn't trained on these new modules that were just written that are only used by, like, 200 people who know what's going on. So it's helpful to be connected with the community like this. PS Readline, always great. You know, sometimes we like things that look pretty. This is just stuff to make things look pretty for those advanced users. Posh Git, yeah, Git's good. Oh, my Posh. Oh, my Posh. Yes. Import Excel is worth talking about just a little bit. It kind of changes people's life if they've never heard it before, and they're a little bit comfortable. Have you guys heard of this one before? I think, haven't you showed us Import Excel before? It's evergreen, for sure, I have. Yeah, it's a good one. It has, like, millions and millions and millions of downloads, because it's just so helpful. A lot of people deal with CSV, which is cool for us, you know, if we're not in boardrooms all day, but for those leaders, for those managers, a lot of times they enjoy Excel for some reason. And so you can now, without having to have Excel installed, export things to Excel. I've done it, one of my, like, most impactful projects, it wasn't actually the most impactful, but for me it was, was just doing a reporting on some licensing for each of our sites, just looping through and creating a simple-looking thing in Excel, but somebody was manually doing that every single week, saving a ton of time, and it was free 99. Free 99? Twas, twas. Twas, he just said twas. Twas. Twas, twas, twas, you know. Is that, like, 90 or 20-something? 20-something? Jeez Louise, come on, Terry, I'm 22, you got it. Okay, that's what I thought, just go ahead. So security tools are really where it's at. I enjoy all the cool PowerShell things, but I mostly enjoy the reality that these tools can help overwork sysadmins. A lot of people are responsible for a lot of different parts of their environment, and you cannot be a security expert at all of them and keep track of, like, what's the latest and greatest manually, and what are the security recommendations? So these projects right here, they aim to make that way simpler for you. So we can start at the top. LockSmith is probably one of the more popular ones on this list, and it's for auditing Active Directory Certificate Services. Most people aren't very comfortable or experts at that. There's a very limited number of people, and the wizard that Microsoft gives you makes it very easy to stub your toe along the way. There's really not secure by default kind of stuff going on here, which is a bummer to see, but maybe there's a trend. LockSmith is fantastic. You just basically run it. It tells you, hey, this is very insecure, and someone can get DA super easy, and gives you some code to fix it if you want to run it, but mostly it gives you insight and the ability to look into things deeper. Meister, oh man, all these are so good. Meister's a huge one. Intra, you have Intra? A lot of people do. A lot of people have Intra in addition to a million other things. Well, Meister has a lot of tests you can run to check on the configuration and compare it to secure baselines, right? So you don't have to be the security expert who knows all the baselines. You can get visibility based on what people recommend, and then you can make a business decision if you want to look at securing things further or if you're okay with the risk that you currently have with your insecure stuff. I'll just mention, this might be the last one right here, but least privileged MS graph. That is by our boy, our boy in the PDQ discord, discord.gg.pdq. That's our boy, Morton. This was his first major project and it's MS graph. You have applications in MS graph. They have permissions. It's very easy to be overly permissive. So you could give, say, all you need to do is like query the users. If you give access to like query other things or it's just not a very good secure principle. You want to be following the principle of least privilege and making sure you give things the minimum permission required. And Microsoft doesn't give you a way to do that easily. What this module does, and it's kind of a long explanation. There's a link to PowerShell Wednesday where we just covered this yesterday, but it basically looks in the logs and it sees what your application is actually using. And then it makes sure that the permissions it has is limited to those actions that the app is actually taking based on the logs, based on what's really going on. So if you give an app every single permission in the world and you don't actually need it and you didn't know that, well, you can get some auditing around that. And apps are those things that would just keep growing and growing in your environment if you don't audit them. And yeah, it's one of those things where there's just so many things you have to do. Something like this, dive in, take control, eliminate the technical debt. A lot of these enterprise apps are technical debt and surface exposure. Less of that. That's a really good one to look at your permissions and cost too. Sometimes you're just assigning stuff you don't need. You can save some money using that too. That's super cool. Andrew, thanks as always for walking us all through what we should be thinking about with PowerShell and how much power it has there. Chris. This little top hat, did you see that? Thanks for watching this segment from PDQ Live. If you like this, you'll love the full show. Check it out every Thursday at 10 a.m. Mountain. Oh, and like and subscribe, please.

TL;DR

  • Start with modern tooling: Windows Terminal, VS Code PowerShell extension, and PowerShell 7 provide the foundation for current scripting practices
  • ImportExcel module enables automated Excel report generation without requiring Excel installation, saving significant time on manual reporting tasks
  • Locksmith audits Active Directory Certificate Services for security misconfigurations that could enable privilege escalation attacks
  • Maester and LeastPrivilegeMs.Graph provide security baseline auditing for Entra ID and Microsoft Graph permissions without requiring specialized security expertise

PowerShell Fundamentals and Learning Resources

This session provides a curated roadmap for sysadmins looking to build or strengthen their PowerShell skills. The team recommends starting with essential tooling — Windows Terminal, VS Code with the PowerShell extension, and PowerShell 7 as the modern foundation. For beginners, the Getting Started with PowerShell Jumpstart series from 2013 remains surprisingly relevant for learning core fundamentals, despite its age. The session also highlights PDQ's own educational ecosystem including PowerShell Wednesday, their blog, and weekly livestreams covering both beginner and advanced topics. For those seeking cutting-edge community knowledge, PowerShell Conference Europe and powershell.org publish conference talks on YouTube, providing access to expert presentations on newly developed modules and techniques that may not yet be covered by AI training data.

Productivity Modules and Security Auditing Tools

Beyond learning resources, the session showcases practical modules that solve real-world problems. ImportExcel stands out as a game-changer for sysadmins who need to generate Excel reports without having Excel installed — particularly valuable for automating reporting tasks that leadership expects in spreadsheet format. The security-focused portion introduces three critical auditing tools designed for overworked sysadmins who cannot be experts in every domain. Locksmith audits Active Directory Certificate Services for dangerous misconfigurations that could lead to privilege escalation. Maester runs security baseline checks against Entra ID environments, comparing configurations against recommended standards without requiring deep security expertise. LeastPrivilegeMs.Graph, developed by a PDQ Discord community member, analyzes Microsoft Graph application permissions by examining actual log activity to identify overly permissive grants — helping organizations enforce least privilege principles and potentially reduce licensing costs by eliminating unused permissions.

Chapters

0:00 - Introduction
0:28 - Essential Tooling Setup
0:54 - PowerShell Jumpstart Series
1:31 - PDQ Learning Resources
1:48 - Community Conference Content
2:13 - Productivity Modules
3:33 - Security Tools Overview
3:52 - Locksmith for AD CS Auditing
4:39 - Maester Security Baselines
5:19 - LeastPrivilegeMs.Graph Permissions

Key Quotes

3:40 "I mostly enjoy the reality that these tools can help overwork sysadmins. A lot of people are responsible for a lot of different parts of their environment, and you cannot be a security expert at all of them and keep track of, like, what's the latest and greatest manually, and what are the security recommendations? ..."
4:18 "There's really not secure by default kind of stuff going on here, which is a bummer to see, but maybe there's a trend."
5:48 "Microsoft doesn't give you a way to do that easily. What this module does, and it's kind of a long explanation... it basically looks in the logs and it sees what your application is actually using."
6:23 "Apps are those things that would just keep growing and growing in your environment if you don't audit them."

FAQ

Why should I use PowerShell 7 instead of Windows PowerShell?

PowerShell 7 is the latest and greatest version, and many modern modules and tools require it. While Windows PowerShell and the ISE are functional, PowerShell 7 sets you up for success with current scripting practices rather than legacy approaches.

How does ImportExcel help with reporting if I don't have Excel installed?

ImportExcel allows you to export data to formatted Excel files without needing Excel installed on your system. This is particularly valuable for automating reports that leadership expects in spreadsheet format, saving time on manual data entry and formatting tasks.

Categories:
  • » Cybersecurity » Cloud Security
  • » Data Protection
Channels:
News:
Events:
Tags:
  • Identity & Access
  • Security Operations
  • Cloud Security
  • Best Practices
  • How-To
  • PowerShell learning resources
  • Active Directory Certificate Services security
  • Microsoft Graph permissions auditing
  • Entra ID security baselines
  • PowerShell automation modules
Show more Show less

Browse videos

  • Related
  • Featured
  • By date
  • Most viewed
  • Top rated
  •  

              Video's comments: Essential PowerShell Resources & Security Tools for Sysadmins

              XStreaminars (watch here)

              • Jul
                28

                Illumio + Netskope: Zero Trust in the Age of AI Autonomy

                07/28/202601:00 PM ET
                • Jul
                  29

                  Ask Your Cloud Anything: Unlocking Governance Silos in your Environments

                  07/29/202601:00 PM ET
                  More events

                  Industry Events (watch there)

                  • Jul
                    22

                    Insights from Attackers During the FIFA World Cup: A HUMAN Dialogue

                    07/22/202601:00 PM ET
                    • Aug
                      19

                      Becoming Agent Ready: Insights from Cyera's Expertise

                      08/19/202612:00 PM ET
                      More events

                      Upcoming Webinar Calendar

                      • 07/21/2026
                        04:00 AM
                        07/21/2026
                        Strategies for Managing AI Governance and Securing App-to-LLM API Traffic
                        https://www.truthinit.com/index.php/channel/1967/strategies-for-managing-ai-governance-and-securing-app-to-llm-api-traffic/
                      • 07/22/2026
                        06:30 AM
                        07/22/2026
                        Insights and Strategies for Effective Data Privacy and Protection
                        https://www.truthinit.com/index.php/channel/2000/insights-and-strategies-for-effective-data-privacy-and-protection/
                      • 07/22/2026
                        01:00 PM
                        07/22/2026
                        Insights from Attackers During the FIFA World Cup: A HUMAN Dialogue
                        https://www.truthinit.com/index.php/channel/2029/insights-from-attackers-during-the-fifa-world-cup-a-human-dialogue/
                      • 07/28/2026
                        01:00 PM
                        07/28/2026
                        Illumio + Netskope: Zero Trust in the Age of AI Autonomy
                        https://www.truthinit.com/index.php/channel/2031/illumio-netskope-zero-trust-in-the-age-of-ai-autonomy/
                      • 07/29/2026
                        04:00 AM
                        07/29/2026
                        Real-Time Strategies for Safeguarding Against Prompt Injections
                        https://www.truthinit.com/index.php/channel/1968/real-time-strategies-for-safeguarding-against-prompt-injections/
                      • 07/29/2026
                        01:00 PM
                        07/29/2026
                        Ask Your Cloud Anything: Unlocking Governance Silos in your Environments
                        https://www.truthinit.com/index.php/channel/2048/ask-your-cloud-anything-unlocking-governance-silos-in-your-environments/
                      • 08/19/2026
                        12:00 PM
                        08/19/2026
                        Becoming Agent Ready: Insights from Cyera's Expertise
                        https://www.truthinit.com/index.php/channel/2036/becoming-agent-ready-insights-from-cyeras-expertise/
                      • 09/02/2026
                        12:00 PM
                        09/02/2026
                        Unified Data Security in Action: Uncover, Analyze, and Resolve Threats
                        https://www.truthinit.com/index.php/channel/2045/unified-data-security-in-action-uncover-analyze-and-resolve-threats/
                      • 09/30/2026
                        04:00 AM
                        09/30/2026
                        AI Command Center: Optimizing Visibility and Control in Your Operations
                        https://www.truthinit.com/index.php/channel/2024/ai-command-center-optimizing-visibility-and-control-in-your-operations/
                      Truth in IT
                      • Sponsor
                      • About Us
                      • Terms of Service
                      • Privacy Policy
                      • Contact Us
                      • Preference Management
                      Desktop version
                      Standard version