1 00:00:00,000 --> 00:00:09,700 Welcome to the Azure Security Podcast, where we discuss topics relating to security, privacy, 2 00:00:09,700 --> 00:00:13,280 reliability and compliance on the Microsoft Cloud Platform. 3 00:00:13,280 --> 00:00:15,280 Hey, everybody. 4 00:00:15,280 --> 00:00:17,420 Welcome to episode 83. 5 00:00:17,420 --> 00:00:20,760 This week, it's myself, Michael and Sarah, and we have a guest this week, actually a 6 00:00:20,760 --> 00:00:21,760 return guest. 7 00:00:21,760 --> 00:00:27,440 We have Miriam, and she's here to talk to us about a new book that's just come out. 8 00:00:27,440 --> 00:00:28,920 She's the author of that book. 9 00:00:28,920 --> 00:00:32,000 But before we get to Miriam, let's take a little lap around the news. 10 00:00:32,000 --> 00:00:34,080 Sarah, why don't you kick things off? 11 00:00:34,080 --> 00:00:37,680 A couple of things to talk about. 12 00:00:37,680 --> 00:00:42,160 Azure Application Gateway is now in public preview for containers. 13 00:00:42,160 --> 00:00:50,360 So it's basically the evolution of the Application Gateway plus the Application Gateway Ingress 14 00:00:50,360 --> 00:00:51,360 Controller. 15 00:00:51,360 --> 00:00:58,440 So, yep, if you are needing to put an Application Gateway in front of your containers, go and 16 00:00:58,440 --> 00:01:01,080 have a look because it's now in public preview. 17 00:01:01,080 --> 00:01:06,820 You can play around with it, does some really cool things like it scales nicer than before, 18 00:01:06,820 --> 00:01:13,040 the performance is better, you can deploy it as code, all of that good stuff. 19 00:01:13,040 --> 00:01:20,040 And then next up, we've got bring your own key on ephemeral OS disk for AKS. 20 00:01:20,040 --> 00:01:24,840 So guess it really does what it says on the tin, means if you're using ephemeral OS disk 21 00:01:24,840 --> 00:01:27,160 on AKS, you can now bring your own key. 22 00:01:27,160 --> 00:01:32,840 So I have to say, Sarah's personal advice here, don't use bring your own key unless 23 00:01:32,840 --> 00:01:35,960 you desperately need to. 24 00:01:35,960 --> 00:01:40,920 And there are some industries, there are some industry verticals and some jurisdictions 25 00:01:40,920 --> 00:01:43,000 where you must bring your own key. 26 00:01:43,000 --> 00:01:49,400 But Sarah's top tip for this episode is don't do bring your own key unless you have to because 27 00:01:49,400 --> 00:01:51,120 it's a bit of a mission. 28 00:01:51,120 --> 00:01:53,360 Michael, you've probably got thoughts on that. 29 00:01:53,360 --> 00:01:56,880 But that's all I've got for this time for the news. 30 00:01:56,880 --> 00:01:58,840 Yeah, I'm a crypto purist, right? 31 00:01:58,840 --> 00:02:01,880 So I'm very much a fan of having your own keys. 32 00:02:01,880 --> 00:02:06,200 But by the same token, I also recognize that the stress that can come from having your 33 00:02:06,200 --> 00:02:10,440 own keys, if you lose the keys, we don't have a copy of them. 34 00:02:10,440 --> 00:02:14,800 So you better make sure you've got all the policies and processes in place to recycle 35 00:02:14,800 --> 00:02:19,120 keys and the whole lifecycle of keys and so on and so forth. 36 00:02:19,120 --> 00:02:24,440 So yeah, I actually do agree with you because the data is encrypted anyway, just that the 37 00:02:24,440 --> 00:02:27,320 keys are managed by the data sensors. 38 00:02:27,320 --> 00:02:32,280 That way if a device is stolen, then the data is actually encrypted. 39 00:02:32,280 --> 00:02:36,640 It's also really important to understand what threats you're actually mitigating with either 40 00:02:36,640 --> 00:02:40,760 using customer managed keys or bring your own keys and platform managed keys. 41 00:02:40,760 --> 00:02:42,360 But that's a discussion for another day. 42 00:02:42,360 --> 00:02:47,240 All right, so from my news, actually I'm talking about cryptography and in my own backyard 43 00:02:47,240 --> 00:02:50,400 and as a SQL database or SQL server in general. 44 00:02:50,400 --> 00:02:56,200 So the always encrypted wizard in SSMS, so the SQL Server Management Studio now supports 45 00:02:56,200 --> 00:02:59,500 securing enclaves and in-place encryption. 46 00:02:59,500 --> 00:03:03,400 What that means is that all the cryptographic operations are now actually performed just 47 00:03:03,400 --> 00:03:04,920 by SQL. 48 00:03:04,920 --> 00:03:10,480 In the old days, you had to perform those operations by moving the data out of the database 49 00:03:10,480 --> 00:03:12,960 first, which is probably not what you want. 50 00:03:12,960 --> 00:03:15,280 So it's fantastic to see that. 51 00:03:15,280 --> 00:03:20,300 Still in the area of always encrypted with secure enclaves, DC series databases, so that's 52 00:03:20,300 --> 00:03:24,640 the underlying compute, now supports up to 40 vCores. 53 00:03:24,640 --> 00:03:30,280 There was a limitation on the number of vCores you could have for the database and that was 54 00:03:30,280 --> 00:03:34,280 quite limiting for some customers wanting to use always encrypted. 55 00:03:34,280 --> 00:03:38,400 So now we've raised that limit substantially to 40 vCores, which is another thing that's 56 00:03:38,400 --> 00:03:39,800 just great to see. 57 00:03:39,800 --> 00:03:44,720 We've mentioned this in the past about PrivateLink for Azure SQL managed instance. 58 00:03:44,720 --> 00:03:46,120 Well now it's actually in GA. 59 00:03:46,120 --> 00:03:47,600 It's now generally available. 60 00:03:47,600 --> 00:03:50,680 We mentioned it prior, but it was actually in preview at the time. 61 00:03:50,680 --> 00:03:52,080 So this is great to see. 62 00:03:52,080 --> 00:03:57,000 So I've mentioned this a billion times, but here's a billion them first time. 63 00:03:57,000 --> 00:04:00,200 It's just great to see more of the past products. 64 00:04:00,200 --> 00:04:04,440 I think we're getting close to saturation now where all the past products or the majority 65 00:04:04,440 --> 00:04:06,200 of them actually have private endpoint support. 66 00:04:06,200 --> 00:04:08,580 So that's really another great thing to see. 67 00:04:08,580 --> 00:04:14,040 We now have in Azure Databricks, this is generally available, is the enhanced security and compliance 68 00:04:14,040 --> 00:04:15,040 add-on. 69 00:04:15,040 --> 00:04:20,720 This does things like having hardened security images, better compliance governance and those 70 00:04:20,720 --> 00:04:23,520 sorts of things for your Databricks workspaces. 71 00:04:23,520 --> 00:04:27,460 I'm not an expert on Databricks by any stretch, but it's good to see sort of tooling coming 72 00:04:27,460 --> 00:04:30,120 out that helps you manage this sort of stuff. 73 00:04:30,120 --> 00:04:31,120 All right. 74 00:04:31,120 --> 00:04:33,960 So with our news out of the way, let's turn our attention to our guest. 75 00:04:33,960 --> 00:04:34,960 So this week again, we have Miriam. 76 00:04:34,960 --> 00:04:35,960 She's returned to the podcast. 77 00:04:35,960 --> 00:04:36,960 All right. 78 00:04:36,960 --> 00:04:39,440 So Miriam, hey, thank you so much for joining us again. 79 00:04:39,440 --> 00:04:43,160 We'd like to take a moment and just give our listeners a little background on what you 80 00:04:43,160 --> 00:04:44,160 do. 81 00:04:44,160 --> 00:04:48,240 Hey, thank you so much for inviting me again to this podcast. 82 00:04:48,240 --> 00:04:55,880 So my name is Miriam Wiesner and I'm currently working as a senior security researcher for 83 00:04:55,880 --> 00:04:56,880 Microsoft. 84 00:04:56,880 --> 00:05:01,180 I'm part of the Microsoft 365 Defender team. 85 00:05:01,180 --> 00:05:08,040 So that is basically the team that is doing the research behind Microsoft 365 Defender. 86 00:05:08,040 --> 00:05:15,720 And yeah, so in my spare time, I did a lot of PowerShell coding and a lot of security. 87 00:05:15,720 --> 00:05:24,020 And this is basically also what kind of led to me writing this book. 88 00:05:24,020 --> 00:05:27,960 The book is PowerShell Automation and Scripting for Cybersecurity, Hacking and Defense for 89 00:05:27,960 --> 00:05:29,880 Red and Blue Teamers. 90 00:05:29,880 --> 00:05:31,480 So first of all, congratulations on the book. 91 00:05:31,480 --> 00:05:32,480 Is it your first book? 92 00:05:32,480 --> 00:05:33,480 Yeah, thanks. 93 00:05:33,480 --> 00:05:35,560 And yeah, it's actually my first book. 94 00:05:35,560 --> 00:05:37,240 Never wrote a book before. 95 00:05:37,240 --> 00:05:38,240 So congratulations today. 96 00:05:38,240 --> 00:05:40,000 You can actually call yourself an author. 97 00:05:40,000 --> 00:05:44,360 You can actually update your LinkedIn profile and include the word author on there as well. 98 00:05:44,360 --> 00:05:45,960 So let's start at the very top then. 99 00:05:45,960 --> 00:05:46,960 Okay. 100 00:05:46,960 --> 00:05:48,920 So why did you write this book? 101 00:05:48,920 --> 00:05:51,260 I mean, what problem are you trying to solve? 102 00:05:51,260 --> 00:05:55,160 So actually why I wrote this book is quite boring. 103 00:05:55,160 --> 00:06:01,560 Well, I was approached on LinkedIn by the publisher and they asked me if I would be 104 00:06:01,560 --> 00:06:07,240 interested in writing a PowerShell security related book for them. 105 00:06:07,240 --> 00:06:12,600 And first I thought, well, are they crazy? 106 00:06:12,600 --> 00:06:18,680 Asking me if I wanted to write a book because I thought I could never do that. 107 00:06:18,680 --> 00:06:24,320 And then I took some more days and really looked into the topic and I thought, okay, 108 00:06:24,320 --> 00:06:30,760 with a little bit of research, actually, I already have the knowledge of many areas that 109 00:06:30,760 --> 00:06:33,280 they wanted in that book. 110 00:06:33,280 --> 00:06:38,120 And so I, yeah, I said yes. 111 00:06:38,120 --> 00:06:42,080 And I agreed to writing a book for them. 112 00:06:42,080 --> 00:06:49,800 And what this book should solve, basically there are a lot of PowerShell security related 113 00:06:49,800 --> 00:06:56,480 sources out there, but nothing really compiles everything together. 114 00:06:56,480 --> 00:07:04,320 And also when you are trying to understand more about a certain topic, it's really hard. 115 00:07:04,320 --> 00:07:08,040 You spend a lot of hours just researching everything. 116 00:07:08,040 --> 00:07:16,160 The book should not only help beginners to get into PowerShell security, but also help 117 00:07:16,160 --> 00:07:24,200 advanced PowerShell practitioners or security practitioners to understand certain PowerShell 118 00:07:24,200 --> 00:07:26,640 security related topics and dive deeper. 119 00:07:26,640 --> 00:07:31,960 So you brought up a point there that I really want to sort of drill into a little bit more. 120 00:07:31,960 --> 00:07:34,560 You mentioned that you didn't know you sort of had a book inside you. 121 00:07:34,560 --> 00:07:36,960 And I hear that all the time from people. 122 00:07:36,960 --> 00:07:39,360 And I think everyone has a book inside them. 123 00:07:39,360 --> 00:07:40,960 I actually genuinely believe that. 124 00:07:40,960 --> 00:07:47,400 I believe that everyone in the world, regardless of your background, is an expert at something. 125 00:07:47,400 --> 00:07:49,400 It doesn't matter what you do in life. 126 00:07:49,400 --> 00:07:51,040 I genuinely believe that. 127 00:07:51,040 --> 00:07:54,000 And I think everyone has a, you could easily write a book on that topic. 128 00:07:54,000 --> 00:07:56,000 It doesn't really matter what the topic is. 129 00:07:56,000 --> 00:07:58,720 I'm just saying, I could never write a book. 130 00:07:58,720 --> 00:08:00,200 I actually, I bet you could. 131 00:08:00,200 --> 00:08:03,400 I mean, the only downside, I suppose, is the discipline of writing. 132 00:08:03,400 --> 00:08:06,880 That you sort of got to overcome that problem. 133 00:08:06,880 --> 00:08:09,920 But once you've got over that, I think everyone has a book inside them. 134 00:08:09,920 --> 00:08:10,920 Sarah, what do you think? 135 00:08:10,920 --> 00:08:14,280 I mean, you wrote a book with Youri and Mark and Gladys. 136 00:08:14,280 --> 00:08:16,120 So what's your thought on that? 137 00:08:16,120 --> 00:08:17,120 Yeah. 138 00:08:17,120 --> 00:08:19,880 So I've written two books now. 139 00:08:19,880 --> 00:08:27,720 But I'm totally down with what Miriam was saying as well in terms of, I wasn't sure 140 00:08:27,720 --> 00:08:34,200 I had a book in me, even though when I was asked to do the two books that I've done, 141 00:08:34,200 --> 00:08:37,480 it is a topic I know plenty about. 142 00:08:37,480 --> 00:08:40,800 But yeah, there's a lot of imposter syndrome, right? 143 00:08:40,800 --> 00:08:43,960 You're just like, oh, I don't know this well enough. 144 00:08:43,960 --> 00:08:47,320 No one's going to want to listen to what I have to say. 145 00:08:47,320 --> 00:08:50,680 So I do think sometimes, you're right. 146 00:08:50,680 --> 00:08:54,200 I think, does everyone have a book inside them? 147 00:08:54,200 --> 00:08:55,840 Yeah, probably. 148 00:08:55,840 --> 00:08:59,440 And I think some people are more inclined to go out and do it. 149 00:08:59,440 --> 00:09:06,240 Or maybe it might be circumstance that sort of pushes you into doing it like Miriam. 150 00:09:06,240 --> 00:09:07,240 Definitely a thing. 151 00:09:07,240 --> 00:09:11,680 And I think it all leads into, we'll go into a big psychological thing here, but it all 152 00:09:11,680 --> 00:09:17,280 leads into the imposter syndrome that all of us at some point or another in our careers 153 00:09:17,280 --> 00:09:18,280 suffer from, right? 154 00:09:18,280 --> 00:09:19,280 Yeah. 155 00:09:19,280 --> 00:09:21,080 I think imposter syndrome is actually huge in this industry. 156 00:09:21,080 --> 00:09:24,160 I think a lot of people think they're not good enough. 157 00:09:24,160 --> 00:09:27,800 We have world class, literally world class people on the podcast, right? 158 00:09:27,800 --> 00:09:31,400 And it's easy to say, I could never be like that person. 159 00:09:31,400 --> 00:09:35,720 But again, in your area of expertise, I mean, if you look at my area, so I don't really 160 00:09:35,720 --> 00:09:39,200 mean to sort of segue too much here, but I think it's important. 161 00:09:39,200 --> 00:09:41,760 I look at my main area of expertise, right? 162 00:09:41,760 --> 00:09:47,960 Which is, I have cyber security as my title somewhere, but it's really not cyber security. 163 00:09:47,960 --> 00:09:52,520 My main focus is on secure software design, secure software development, that sort of 164 00:09:52,520 --> 00:09:53,520 stuff, right? 165 00:09:53,520 --> 00:09:57,520 Exploiting code and putting defenses in code and that sort of stuff. 166 00:09:57,520 --> 00:10:01,760 So when it comes to things like stuff that you two are experts at, I'm not an expert 167 00:10:01,760 --> 00:10:02,760 at those stuff. 168 00:10:02,760 --> 00:10:07,000 I mean, I know enough to have a hallway conversation with somebody, but I certainly can't hold a 169 00:10:07,000 --> 00:10:09,680 very long conversation with an expert. 170 00:10:09,680 --> 00:10:11,800 But it's probably the same for me, right? 171 00:10:11,800 --> 00:10:16,200 If I start talking about really low level kernel mode Windows issues, I'm sure your 172 00:10:16,200 --> 00:10:18,120 eyes will glaze over. 173 00:10:18,120 --> 00:10:21,580 So again, everyone's an expert and I think you need to, people in general need to stop 174 00:10:21,580 --> 00:10:23,200 thinking that they're not good enough. 175 00:10:23,200 --> 00:10:29,760 I think cyber security is a massive, massive area and you're not going to know all of it. 176 00:10:29,760 --> 00:10:31,800 You're just not. 177 00:10:31,800 --> 00:10:34,440 So yeah, I know I got off track a little bit there, but I'm a... 178 00:10:34,440 --> 00:10:38,240 So Miriam, when you're writing this book, since it's your first book, so what was the 179 00:10:38,240 --> 00:10:39,240 writing experience like? 180 00:10:39,240 --> 00:10:42,680 Any little stories you'd like to sort of share with people? 181 00:10:42,680 --> 00:10:43,680 Yeah. 182 00:10:43,680 --> 00:10:51,240 So first, before I started writing the book, there was already a lot of work included because 183 00:10:51,240 --> 00:10:57,160 they provided me with an idea on the topic that I could write about. 184 00:10:57,160 --> 00:11:05,840 But in the end, I had to come up with a draft on how the structure would look like and already 185 00:11:05,840 --> 00:11:09,400 think about the chapters that I will be writing. 186 00:11:09,400 --> 00:11:15,960 And this is really hard at the beginning because things change and you probably don't have 187 00:11:15,960 --> 00:11:19,800 the entire book in your head already when you start writing. 188 00:11:19,800 --> 00:11:25,800 And so first thing was really working on the outline and already describing what I will 189 00:11:25,800 --> 00:11:28,760 be writing in those chapters. 190 00:11:28,760 --> 00:11:32,480 And I can tell you a lot of those things changed. 191 00:11:32,480 --> 00:11:41,000 Well, the structure remains similar, but nevertheless, it changed. 192 00:11:41,000 --> 00:11:46,560 And if you already created the outline and shared it with your publisher, then there 193 00:11:46,560 --> 00:11:48,680 are also expectations. 194 00:11:48,680 --> 00:11:56,000 And so I also had to explain why my outline suddenly changed when I was working on the 195 00:11:56,000 --> 00:11:57,000 book. 196 00:11:57,000 --> 00:12:04,320 And yeah, after I had the outline and agreed on it with the publisher, and it is not enough 197 00:12:04,320 --> 00:12:10,400 to just work on the outline, you also have to have an estimation of how many pages you're 198 00:12:10,400 --> 00:12:11,400 going to write. 199 00:12:11,400 --> 00:12:20,360 And boy, I just exceeded all my page estimations and wrote so much more than I originally wanted 200 00:12:20,360 --> 00:12:22,040 to write. 201 00:12:22,040 --> 00:12:26,080 And then the actual writing started. 202 00:12:26,080 --> 00:12:29,320 And that was the hardest part, to be honest. 203 00:12:29,320 --> 00:12:32,480 Sarah, did you have similar issues as well? 204 00:12:32,480 --> 00:12:34,040 You just couldn't make the page count? 205 00:12:34,040 --> 00:12:36,400 You either were under or over. 206 00:12:36,400 --> 00:12:37,400 Yes. 207 00:12:37,400 --> 00:12:38,640 So it's interesting. 208 00:12:38,640 --> 00:12:42,720 So for the first book I wrote, I was over. 209 00:12:42,720 --> 00:12:45,320 But for the second one, I was under. 210 00:12:45,320 --> 00:12:46,320 So it was interesting. 211 00:12:46,320 --> 00:12:48,680 I went two different ways. 212 00:12:48,680 --> 00:12:55,000 And I also felt because I wrote, for those of you who don't know, who are listening, 213 00:12:55,000 --> 00:13:03,400 I wrote exam guides, and you can still go get them if you're doing the SC100 or SC200. 214 00:13:03,400 --> 00:13:09,360 But because of that, we did have to stick to the outline, the exam guide. 215 00:13:09,360 --> 00:13:13,960 And sometimes I would want to go into something because I felt people should know it in a 216 00:13:13,960 --> 00:13:15,440 bit more detail. 217 00:13:15,440 --> 00:13:19,880 But there's only so far off in a tangent you can go, especially with an exam guide. 218 00:13:19,880 --> 00:13:23,560 Well, because people, it's interesting. 219 00:13:23,560 --> 00:13:27,000 But what you might be teaching someone, if it's not in the curriculum, although it's 220 00:13:27,000 --> 00:13:29,880 interesting, it's not going to help them pass the exam. 221 00:13:29,880 --> 00:13:31,800 And that was not the purpose of the book. 222 00:13:31,800 --> 00:13:33,680 So yeah, definitely. 223 00:13:33,680 --> 00:13:35,240 Yeah, I went both ways. 224 00:13:35,240 --> 00:13:36,560 This is a funny story. 225 00:13:36,560 --> 00:13:40,720 So in the designing and developing Securati solutions in one of the chapters, which is 226 00:13:40,720 --> 00:13:46,560 on cryptography, which of course is my favorite topic by far, I'd actually mentioned that 227 00:13:46,560 --> 00:13:50,860 my page estimate was, because it was literally just going to be just pure cryptography. 228 00:13:50,860 --> 00:13:53,480 My estimate was 24, 25 pages. 229 00:13:53,480 --> 00:13:56,480 At 85 pages, I decided to stop. 230 00:13:56,480 --> 00:13:57,480 I just couldn't stop. 231 00:13:57,480 --> 00:14:04,240 And the editors were like, you said 24, 25, and you're at 84, 85? 232 00:14:04,240 --> 00:14:05,240 Like yeah. 233 00:14:05,240 --> 00:14:08,720 And they said, well, is it good content or is it all fluff? 234 00:14:08,720 --> 00:14:10,600 And I'm like, no, it's good content. 235 00:14:10,600 --> 00:14:11,600 It's not fluff at all. 236 00:14:11,600 --> 00:14:16,240 I don't really like to sort of fluff things up too much. 237 00:14:16,240 --> 00:14:17,920 And they said, okay, well, let it stick. 238 00:14:17,920 --> 00:14:24,720 But can you please try to stay on point for the next chapters, which I was okay at. 239 00:14:24,720 --> 00:14:30,960 In terms of the layout, for the most part, the chapter outline didn't change. 240 00:14:30,960 --> 00:14:36,520 We did remove one chapter, but what we did is we interleaved the topics of that chapter 241 00:14:36,520 --> 00:14:41,240 throughout the other chapters instead, which actually turned out to be a much better decision. 242 00:14:41,240 --> 00:14:44,640 Now we talked about sort of writing our books. 243 00:14:44,640 --> 00:14:47,320 So Mary, do you want to just give us an overview of the book? 244 00:14:47,320 --> 00:14:48,320 What's in the book? 245 00:14:48,320 --> 00:14:51,520 I mean, obviously it's PowerShell and security and cybersecurity and testing and so on. 246 00:14:51,520 --> 00:14:56,000 But you want to give us a bit more of a concrete example of what people should expect to learn 247 00:14:56,000 --> 00:14:59,040 from this and how it's going to help them on a sort of day-to-day basis? 248 00:14:59,040 --> 00:15:00,040 Yeah. 249 00:15:00,040 --> 00:15:04,560 So actually I added two additional chapters while writing the book because you mentioned 250 00:15:04,560 --> 00:15:09,440 that I had literally the same problem as you. 251 00:15:09,440 --> 00:15:15,540 And so the book is structured into three parts. 252 00:15:15,540 --> 00:15:22,640 So the first part is really diving more into PowerShell and PowerShell security. 253 00:15:22,640 --> 00:15:31,320 So basically getting started, scripting fundamentals, understanding important technologies such 254 00:15:31,320 --> 00:15:35,240 as PS remoting and also logging. 255 00:15:35,240 --> 00:15:41,240 And then in the second part, we are diving deeper into the system, into Active Directory 256 00:15:41,240 --> 00:15:48,760 and Azure Active Directory or basically Entra ID in the future. 257 00:15:48,760 --> 00:15:53,360 The second part also has a red team and a blue team cookbook. 258 00:15:53,360 --> 00:15:54,360 Yeah. 259 00:15:54,360 --> 00:16:02,100 So the second part is mostly focusing on understanding technologies into deep. 260 00:16:02,100 --> 00:16:03,960 So diving deeper. 261 00:16:03,960 --> 00:16:12,720 And the last part, the third part is what can you do to protect your organizations against 262 00:16:12,720 --> 00:16:15,340 those kinds of attacks? 263 00:16:15,340 --> 00:16:18,440 What can you do to make your environment more secure? 264 00:16:18,440 --> 00:16:23,160 And of course, the second part does not only focus on red team stuff, it also focus on 265 00:16:23,160 --> 00:16:25,000 blue team stuff. 266 00:16:25,000 --> 00:16:31,960 And the last part also does not only focus on blue team practitioner tasks, but also 267 00:16:31,960 --> 00:16:39,000 on things that are important or extremely interesting for red teamers. 268 00:16:39,000 --> 00:16:43,360 So do you want to give us an example of some of the content for blue team and some of the 269 00:16:43,360 --> 00:16:44,840 content for red teams? 270 00:16:44,840 --> 00:16:45,840 Yeah. 271 00:16:45,840 --> 00:16:51,840 So basically the blue teamers most of the time want to secure their environment, want 272 00:16:51,840 --> 00:16:55,480 to protect their environment and defend. 273 00:16:55,480 --> 00:17:02,800 And the blue team part is for example, yeah, basically the understanding the mitigations, 274 00:17:02,800 --> 00:17:04,360 understanding how to configure them. 275 00:17:04,360 --> 00:17:11,300 So for example, just enough administration is a huge topic, which is not very well known, 276 00:17:11,300 --> 00:17:19,000 as well as also other mitigations such as application control and understanding how 277 00:17:19,000 --> 00:17:24,680 does PowerShell change when application control is applied is also something that is not really 278 00:17:24,680 --> 00:17:28,080 well discovered or explored, I think. 279 00:17:28,080 --> 00:17:34,600 One part, for example, the anti-malware scan interface is of course a topic that is interesting 280 00:17:34,600 --> 00:17:37,700 to blue as red teamers as well. 281 00:17:37,700 --> 00:17:42,920 So for the blue teamers, it is important to understand how it works and why it was designed 282 00:17:42,920 --> 00:17:48,200 the way it works and that it basically protects you in a very good way. 283 00:17:48,200 --> 00:17:51,240 And red teamers are also trying to bypass ANSI. 284 00:17:51,240 --> 00:17:59,360 So it is not only interesting for red teams to understand how to bypass or how others 285 00:17:59,360 --> 00:18:04,640 were bypassing ANSI in the past, but it is also very interesting for blue teamers to 286 00:18:04,640 --> 00:18:13,920 understand how attackers think and how red teamers think in order to better protect themselves. 287 00:18:13,920 --> 00:18:19,540 And I mentioned the red team cookbook and the blue team cookbook. 288 00:18:19,540 --> 00:18:22,800 So those are two chapters. 289 00:18:22,800 --> 00:18:25,800 One is the red team tasks and cookbook. 290 00:18:25,800 --> 00:18:29,120 The other chapter is the blue team tasks and cookbook. 291 00:18:29,120 --> 00:18:38,480 Of course, I can't cover everything that there is, but it should give some people that are 292 00:18:38,480 --> 00:18:44,720 starting working with PowerShell, for example, for their red team engagements, or that want 293 00:18:44,720 --> 00:18:52,760 to just also arm their blue team with some cool scripts and want to do more than they 294 00:18:52,760 --> 00:18:55,000 are just doing right now. 295 00:18:55,000 --> 00:19:01,920 Those are really cookbooks with examples on what you want to achieve and then a solution, 296 00:19:01,920 --> 00:19:03,920 so a so-called recipe. 297 00:19:03,920 --> 00:19:06,640 So Miriam, why PowerShell? 298 00:19:06,640 --> 00:19:15,720 So PowerShell was always a part of my professional work life, so to say. 299 00:19:15,720 --> 00:19:23,240 So I am part of the PowerShell community for already some years, I think. 300 00:19:23,240 --> 00:19:27,200 And I even made it on the stage to present about PowerShell. 301 00:19:27,200 --> 00:19:31,280 And PowerShell is everywhere. 302 00:19:31,280 --> 00:19:32,920 PowerShell is everywhere. 303 00:19:32,920 --> 00:19:40,040 So on every modern Windows system, you have PowerShell. 304 00:19:40,040 --> 00:19:47,120 And that also makes things very easy, not only for attackers, but also for defenders. 305 00:19:47,120 --> 00:19:53,160 And I also used to write to open source tools using PowerShell. 306 00:19:53,160 --> 00:19:59,800 And so I think this is why PowerShell, because I am very used to PowerShell. 307 00:19:59,800 --> 00:20:01,280 I really like PowerShell. 308 00:20:01,280 --> 00:20:04,280 I worked a lot with PowerShell. 309 00:20:04,280 --> 00:20:12,480 And I think this is how the publisher also contacted me about writing about PowerShell. 310 00:20:12,480 --> 00:20:19,440 And when you are asking about why did I add two more chapters writing about PowerShell, 311 00:20:19,440 --> 00:20:25,400 my publisher had some chapter page restrictions. 312 00:20:25,400 --> 00:20:33,480 And when you try to estimate the pages of a chapter, I did not think that I will add 313 00:20:33,480 --> 00:20:35,160 pictures of something. 314 00:20:35,160 --> 00:20:38,560 And I did not put that into the calculation. 315 00:20:38,560 --> 00:20:42,200 And so I started with my first chapter. 316 00:20:42,200 --> 00:20:47,200 And originally, I planned to have also the scripting fundamentals in the first chapter 317 00:20:47,200 --> 00:20:49,960 into getting started with PowerShell. 318 00:20:49,960 --> 00:20:52,200 And then I just wrote and wrote and wrote. 319 00:20:52,200 --> 00:20:55,280 And the chapter just got huge. 320 00:20:55,280 --> 00:21:00,600 And I was like, OK, I really need this information in this chapter. 321 00:21:00,600 --> 00:21:05,080 Because otherwise, if people are just starting out with PowerShell and they never really 322 00:21:05,080 --> 00:21:09,400 worked with PowerShell, then they will be lost in the rest of the book. 323 00:21:09,400 --> 00:21:12,280 And so it had to be in the book. 324 00:21:12,280 --> 00:21:16,960 And then the publisher approached me and they were like, well, would you like to split those 325 00:21:16,960 --> 00:21:17,960 chapters maybe? 326 00:21:17,960 --> 00:21:20,480 And it was like, no, I don't want to split those chapters. 327 00:21:20,480 --> 00:21:22,360 This belongs together. 328 00:21:22,360 --> 00:21:26,160 And it was really a huge, huge, huge chapter. 329 00:21:26,160 --> 00:21:31,280 And I don't know how people would have felt if they had just such a huge chapter and no 330 00:21:31,280 --> 00:21:33,000 break in between. 331 00:21:33,000 --> 00:21:36,920 And so we finally decided to split this chapter. 332 00:21:36,920 --> 00:21:39,640 And yes. 333 00:21:39,640 --> 00:21:48,480 So and the other chapter that I decided to split was, in the end, the Active Directory 334 00:21:48,480 --> 00:21:53,400 and the Azure AD or Entra ID chapter. 335 00:21:53,400 --> 00:21:59,960 So by the time this book was written, written, Azure AD was still Azure AD and not Entra 336 00:21:59,960 --> 00:22:00,960 ID. 337 00:22:00,960 --> 00:22:03,800 So you will find the word Entra ID in there. 338 00:22:03,800 --> 00:22:12,240 But mostly I talk about Azure AD because it was just announced shortly before we published 339 00:22:12,240 --> 00:22:13,240 it. 340 00:22:13,240 --> 00:22:19,160 So it was almost impossible to just change everything. 341 00:22:19,160 --> 00:22:27,040 But those chapters, I first thought about writing one chapter about Active Directory. 342 00:22:27,040 --> 00:22:32,480 So the on-prem solution and Entra AD, the Azure AD. 343 00:22:32,480 --> 00:22:39,880 And while I was writing it, I just added so much information in there that I really found 344 00:22:39,880 --> 00:22:44,640 relevant for security, especially for PowerShell security. 345 00:22:44,640 --> 00:22:54,200 And those chapters do not only address Azure AD or Active Directory security from a PowerShell 346 00:22:54,200 --> 00:22:55,200 point of view. 347 00:22:55,200 --> 00:23:00,720 We are also talking about protocols and things that are really important that you really 348 00:23:00,720 --> 00:23:06,960 need to know when we are talking about AD security or AAD security. 349 00:23:06,960 --> 00:23:10,880 And again, I could not leave anything out. 350 00:23:10,880 --> 00:23:18,480 And so it really made sense to split those chapters and write one chapter only about 351 00:23:18,480 --> 00:23:22,840 Active Directory and one chapter only about Entra ID. 352 00:23:22,840 --> 00:23:27,560 So back to a serious question about PowerShell and your comments about PowerShell. 353 00:23:27,560 --> 00:23:33,180 I think it would be fair to say that probably 75, 80% of any tooling that I write today 354 00:23:33,180 --> 00:23:35,760 is in PowerShell. 355 00:23:35,760 --> 00:23:40,640 Back in the day, I used to write all my sort of red team and blue team type scripts in 356 00:23:40,640 --> 00:23:41,640 Perl. 357 00:23:41,640 --> 00:23:46,160 I'm probably aging myself now, but the big joke about writing these things in Perl is 358 00:23:46,160 --> 00:23:48,400 Perl is a write-only language. 359 00:23:48,400 --> 00:23:51,620 Once you've written it, you can never read it ever again. 360 00:23:51,620 --> 00:23:55,600 But yeah, I write all my stuff in PowerShell today, mainly because it's got all the power 361 00:23:55,600 --> 00:24:00,280 of.NET, but it's in a scripting language, which is really nice. 362 00:24:00,280 --> 00:24:04,600 And some of the ways it handles things like strings is just absolutely beautiful, which 363 00:24:04,600 --> 00:24:09,360 makes parsing error returns and HTTP responses and those sorts of things. 364 00:24:09,360 --> 00:24:13,840 It makes handling that kind of stuff just incredibly straightforward. 365 00:24:13,840 --> 00:24:18,520 I think PowerShell is a really productive language in general for administration, but 366 00:24:18,520 --> 00:24:22,240 certainly for cybersecurity, sort of red teaming and blue teaming. 367 00:24:22,240 --> 00:24:23,240 So I think it's a really good choice. 368 00:24:23,240 --> 00:24:28,840 I've actually seen other books that talks about using C Sharp and so on for doing analysis 369 00:24:28,840 --> 00:24:30,840 of the environments. 370 00:24:30,840 --> 00:24:32,720 But you know, it's compiled code. 371 00:24:32,720 --> 00:24:35,680 You've got to make sure you've got all the assemblies installed and so on and so forth. 372 00:24:35,680 --> 00:24:41,760 Not that I'm saying that's bad, but I think PowerShell has significantly less friction 373 00:24:41,760 --> 00:24:46,560 when it comes to deploying on multiple machines, Windows and Linux for that matter, because 374 00:24:46,560 --> 00:24:49,320 obviously PowerShell is available across platform. 375 00:24:49,320 --> 00:24:51,600 So I think it's a good choice. 376 00:24:51,600 --> 00:24:58,000 When you're saying C Sharp, actually, we are also looking at C Sharp in our book because 377 00:24:58,000 --> 00:25:05,880 PowerShell is also able to compile and to execute C code. 378 00:25:05,880 --> 00:25:10,960 And this is also a really interesting part in the book, in my opinion. 379 00:25:10,960 --> 00:25:11,960 You said C code? 380 00:25:11,960 --> 00:25:12,960 Yes. 381 00:25:12,960 --> 00:25:13,960 Or C Sharp? 382 00:25:13,960 --> 00:25:14,960 C Sharp. 383 00:25:14,960 --> 00:25:22,760 But yeah, it does not really matter as long as that framework supports it, basically. 384 00:25:22,760 --> 00:25:23,760 Yeah. 385 00:25:23,760 --> 00:25:24,760 Yeah. 386 00:25:24,760 --> 00:25:25,760 Okay. 387 00:25:25,760 --> 00:25:26,760 Very cool. 388 00:25:26,760 --> 00:25:28,520 I think I've been writing a lot over the last few weeks. 389 00:25:28,520 --> 00:25:32,320 I just started writing my first tools in Rust. 390 00:25:32,320 --> 00:25:33,800 Manages to learn more about Rust. 391 00:25:33,800 --> 00:25:34,800 I actually really like Rust. 392 00:25:34,800 --> 00:25:35,800 I like Rust a lot. 393 00:25:35,800 --> 00:25:42,320 I wouldn't recommend it if you're starting out programming, but it's a very interesting 394 00:25:42,320 --> 00:25:43,320 language. 395 00:25:43,320 --> 00:25:44,960 But yeah, I agree 100% still. 396 00:25:44,960 --> 00:25:50,920 I think PowerShell is just a great language for very quick iteration on writing new tooling 397 00:25:50,920 --> 00:25:59,200 and also helps with source code control because it's just the script file itself, which you 398 00:25:59,200 --> 00:26:01,200 can store in your repo and so on. 399 00:26:01,200 --> 00:26:06,120 Hey, do you talk about digital signatures on PowerShell scripts? 400 00:26:06,120 --> 00:26:11,640 We have a short section about code signing. 401 00:26:11,640 --> 00:26:14,080 So yes, what do you want to know? 402 00:26:14,080 --> 00:26:16,920 And I'm sure I can't answer all your crypto questions. 403 00:26:16,920 --> 00:26:20,800 Yeah, I just realized it's Michael and his crypto again. 404 00:26:20,800 --> 00:26:29,680 No, there's a time I would love to see where environments in general run just signed code. 405 00:26:29,680 --> 00:26:37,040 And I know that there are political and philosophical disagreements with that. 406 00:26:37,040 --> 00:26:43,840 But I think some types of environments, you really should only execute signed code, whether 407 00:26:43,840 --> 00:26:49,240 it's a binary, an executable or an ELF binary in Linux. 408 00:26:49,240 --> 00:26:52,280 But I think the same goes with PowerShell, right? 409 00:26:52,280 --> 00:26:53,280 You can actually have a signature. 410 00:26:53,280 --> 00:26:57,500 Yeah, you can have a signature on a PowerShell script and you can have a policy that says 411 00:26:57,500 --> 00:27:00,360 only run signed PowerShell scripts. 412 00:27:00,360 --> 00:27:01,360 Yes. 413 00:27:01,360 --> 00:27:08,800 And actually, you can also, depending on how you configure your environment, you can also 414 00:27:08,800 --> 00:27:17,880 configure it so that only signed scripts are allowed to actually run in full language mode 415 00:27:17,880 --> 00:27:26,080 and that other unsigned are not allowed to run in full language mode, but rather in constrained 416 00:27:26,080 --> 00:27:35,560 language mode, which is some kind of very restricted language mode, which allows you 417 00:27:35,560 --> 00:27:39,200 to only run safe commands. 418 00:27:39,200 --> 00:27:45,920 So we just talked earlier about running C sharp code from PowerShell and this would not 419 00:27:45,920 --> 00:27:51,720 be possible if you tried to run C sharp code from constrained language mode. 420 00:27:51,720 --> 00:27:53,760 I didn't even know that existed. 421 00:27:53,760 --> 00:27:55,320 Oh, that's news to me. 422 00:27:55,320 --> 00:27:57,000 Sarah, you're aware of that? 423 00:27:57,000 --> 00:27:58,840 That PowerShell has a constrained mode? 424 00:27:58,840 --> 00:27:59,840 I didn't know that. 425 00:27:59,840 --> 00:28:00,840 Okay. 426 00:28:00,840 --> 00:28:04,720 So I'm going to have a confession here and that actually leads very nicely onto what I 427 00:28:04,720 --> 00:28:06,760 was going to ask Miriam next. 428 00:28:06,760 --> 00:28:13,280 So I don't know a whole load of PowerShell going to true confession. 429 00:28:13,280 --> 00:28:18,880 Not for any particular reason apart from I have never really needed to in my career. 430 00:28:18,880 --> 00:28:21,080 Don't hate on me too much. 431 00:28:21,080 --> 00:28:26,360 But Miriam, for our listeners, I'm hoping there are some listeners who are like me and 432 00:28:26,360 --> 00:28:29,200 maybe don't do too much PowerShell. 433 00:28:29,200 --> 00:28:32,080 Obviously, I know what it is and what it can do. 434 00:28:32,080 --> 00:28:38,200 What would you say, what are the kind of people who you reckon, like a PowerShell noob like 435 00:28:38,200 --> 00:28:40,920 me? 436 00:28:40,920 --> 00:28:46,520 What could I learn from your book or why would I, why would it be worth me picking up your 437 00:28:46,520 --> 00:28:49,760 book and reading it even if I don't do a lot of PowerShell? 438 00:28:49,760 --> 00:28:50,760 Yeah. 439 00:28:50,760 --> 00:28:58,360 So basically, I tried to write this book not only for one community, so not only for security 440 00:28:58,360 --> 00:29:00,440 professionals who are working with PowerShell. 441 00:29:00,440 --> 00:29:03,680 I tried to address many more. 442 00:29:03,680 --> 00:29:10,720 So also pen testers, administrators, people that are just trying to start out with PowerShell. 443 00:29:10,720 --> 00:29:19,000 And if you are trying to start out with PowerShell, I definitely recommend go through the book 444 00:29:19,000 --> 00:29:26,200 chapter by chapter because it builds on each other and you will just learn the basics from 445 00:29:26,200 --> 00:29:27,440 the beginning. 446 00:29:27,440 --> 00:29:36,280 You will learn about the help system so that you can also help yourself to understand PowerShell 447 00:29:36,280 --> 00:29:43,560 CMD LED in a better way, you can also find out what CMD LEDs exist if you are interested 448 00:29:43,560 --> 00:29:51,600 in and how you can use PowerShell to help yourself getting to know PowerShell. 449 00:29:51,600 --> 00:30:01,040 And also the second chapter is also for people who never really scripted PowerShell or for 450 00:30:01,040 --> 00:30:09,320 other people who just needs or who just need a refresher on the scripting fundamentals. 451 00:30:09,320 --> 00:30:13,880 And basically, you learn a little bit more in every chapter. 452 00:30:13,880 --> 00:30:16,640 You learn how to operate PowerShell. 453 00:30:16,640 --> 00:30:19,920 You learn also, yeah, how to help yourself. 454 00:30:19,920 --> 00:30:22,320 I said this before, I know. 455 00:30:22,320 --> 00:30:25,480 But everything somehow builds on each other. 456 00:30:25,480 --> 00:30:30,640 So if you learned a cool trick in the chapter before, we are already using it in the next 457 00:30:30,640 --> 00:30:35,120 chapter and also building up on that in some cases. 458 00:30:35,120 --> 00:30:41,400 And basically, you will not only learn PowerShell, but the cool thing is you will learn it from 459 00:30:41,400 --> 00:30:49,120 a security perspective and everything that I ever learned about PowerShell security that 460 00:30:49,120 --> 00:30:53,600 I could fit in this book, you will find in this book. 461 00:30:53,600 --> 00:30:57,160 So there's really, really a lot of knowledge. 462 00:30:57,160 --> 00:31:00,120 And that's important, I think, if you're learning PowerShell. 463 00:31:00,120 --> 00:31:02,560 And I've said this a million times, but I'll say it again. 464 00:31:02,560 --> 00:31:07,640 And that is, even if you're not a developer, if you work in a cloud environment, you have 465 00:31:07,640 --> 00:31:09,640 to understand the basics of programming. 466 00:31:09,640 --> 00:31:14,480 And I think PowerShell is a very easy way of learning programming concepts. 467 00:31:14,480 --> 00:31:15,480 I really do. 468 00:31:15,480 --> 00:31:21,240 But here you've got a book that even if you're not an expert in PowerShell, you're going 469 00:31:21,240 --> 00:31:26,000 to learn the basics of throwing a PowerShell script together while doing something that's 470 00:31:26,000 --> 00:31:29,240 actually of use and of interest to you. 471 00:31:29,240 --> 00:31:34,360 Whenever I'm learning a new programming language, which I do probably at least once a year, 472 00:31:34,360 --> 00:31:35,880 I'll just write something. 473 00:31:35,880 --> 00:31:38,160 Normally, what I do is I write a web server. 474 00:31:38,160 --> 00:31:41,880 That sounds really silly, but I actually write a simple web server. 475 00:31:41,880 --> 00:31:45,760 And the reason why I do that is because I worked in IIS for a long time, so I know how 476 00:31:45,760 --> 00:31:46,760 web servers work. 477 00:31:46,760 --> 00:31:50,400 But I write just a very, very simple web server. 478 00:31:50,400 --> 00:31:53,640 And that way, you start doing something, you start off with something very, very simple 479 00:31:53,640 --> 00:31:54,640 like listing on a socket. 480 00:31:54,640 --> 00:31:56,680 Then you're doing some file I.O. 481 00:31:56,680 --> 00:31:59,080 Then you make it multi-threaded, blah, blah, blah, blah, blah. 482 00:31:59,080 --> 00:32:00,760 All these different things. 483 00:32:00,760 --> 00:32:05,080 But here you've got even if you're not, again, not an expert in PowerShell, you can start 484 00:32:05,080 --> 00:32:10,280 learning how to program in PowerShell, which is just programming in general. 485 00:32:10,280 --> 00:32:14,280 But at the same time, you're learning it through something that's of interest to you. 486 00:32:14,280 --> 00:32:17,880 And I think that accelerates the learning experience. 487 00:32:17,880 --> 00:32:24,960 So I think books like this are really fantastic for this dual-pronged approach, learning to 488 00:32:24,960 --> 00:32:30,160 program and learning cybersecurity programming all at the same time, which I think is just 489 00:32:30,160 --> 00:32:31,160 brilliant. 490 00:32:31,160 --> 00:32:35,240 So I hope that the book does amazingly well because it deserves to. 491 00:32:35,240 --> 00:32:36,240 Thank you so much. 492 00:32:36,240 --> 00:32:39,000 I know PowerShell and I know cybersecurity stuff. 493 00:32:39,000 --> 00:32:45,000 And I've done written all sorts of different tools, but I don't pretend to understand the 494 00:32:45,000 --> 00:32:51,720 depth and breadth to which PowerShell will help me, Red Team and Blue Team. 495 00:32:51,720 --> 00:32:57,120 For example, in an Azure environment, I generally don't know how deep and how broad PowerShell 496 00:32:57,120 --> 00:32:59,080 can possibly go. 497 00:32:59,080 --> 00:33:02,080 And frankly, what things I should even look out for. 498 00:33:02,080 --> 00:33:08,560 So I for one, as soon as this podcast episode is done and done, I will go ahead and pre-order 499 00:33:08,560 --> 00:33:09,560 a copy. 500 00:33:09,560 --> 00:33:12,440 I'll probably buy it on a Kindle to be honest with you just because I just enjoy reading 501 00:33:12,440 --> 00:33:18,160 my Kindle outside in the sun, by the pool drinking gin and tonic. 502 00:33:18,160 --> 00:33:20,440 So yeah, I'll definitely be one for the book. 503 00:33:20,440 --> 00:33:23,400 All right, so we're getting close to wrapping this episode up. 504 00:33:23,400 --> 00:33:28,560 So Miriam, any other further thoughts on the book before we bring this thing to a close? 505 00:33:28,560 --> 00:33:34,940 If you are thinking of buying my book, I really hope that you enjoy reading it. 506 00:33:34,940 --> 00:33:41,880 So basically, it has so much of my condensed knowledge when it comes to PowerShell security 507 00:33:41,880 --> 00:33:43,000 in there. 508 00:33:43,000 --> 00:33:48,040 Everything that I ever worked on is included there. 509 00:33:48,040 --> 00:33:51,360 And I really hope that you enjoy reading it. 510 00:33:51,360 --> 00:33:59,040 And for the listeners of this podcast, we also do have a discount code. 511 00:33:59,040 --> 00:34:04,640 And you will find the discount code on the website of this podcast. 512 00:34:04,640 --> 00:34:06,000 Very exciting, Miriam. 513 00:34:06,000 --> 00:34:07,000 Yeah. 514 00:34:07,000 --> 00:34:12,040 And as Miriam said, we'll have that in the show notes if you're interested in reading 515 00:34:12,040 --> 00:34:16,400 more about PowerShell, which hopefully you should be by now. 516 00:34:16,400 --> 00:34:21,360 So Miriam, you've been on the podcast before as a guest, so you know how we finish this 517 00:34:21,360 --> 00:34:22,360 off. 518 00:34:22,360 --> 00:34:27,960 We ask our guest for a final thought. 519 00:34:27,960 --> 00:34:33,040 So what's your final thought to leave our listeners with this time? 520 00:34:33,040 --> 00:34:37,480 So I think PowerShell is really important when it comes to security. 521 00:34:37,480 --> 00:34:44,360 So there are a lot of actors that are using PowerShell for their malicious purposes. 522 00:34:44,360 --> 00:34:49,580 But it could also really be gold in the hand of defenders. 523 00:34:49,580 --> 00:35:00,840 So it has a huge and very detailed logging capabilities and also really helps you to 524 00:35:00,840 --> 00:35:06,160 secure your environment if you know what to do. 525 00:35:06,160 --> 00:35:13,800 And really think about it, how PowerShell could benefit you either from a blow-teamer 526 00:35:13,800 --> 00:35:16,960 or a red-teamer perspective. 527 00:35:16,960 --> 00:35:22,120 And also thanks for listening, me talking about my book. 528 00:35:22,120 --> 00:35:26,240 And I really hope that you will enjoy it. 529 00:35:26,240 --> 00:35:30,080 And I put a little bit of everything in it. 530 00:35:30,080 --> 00:35:37,920 So it doesn't matter if you are a beginner or a professional with already tons of experience. 531 00:35:37,920 --> 00:35:44,800 I try to fit everything in there, and I hope you enjoy reading my book. 532 00:35:44,800 --> 00:35:46,560 Thank you so much for having me on the podcast. 533 00:35:46,560 --> 00:35:47,560 Yeah, thank you, Maryam. 534 00:35:47,560 --> 00:35:49,560 I think it's a great final wrap-up. 535 00:35:49,560 --> 00:35:52,000 And I really want to endorse the whole concept. 536 00:35:52,000 --> 00:35:56,520 Again, if you're learning programming and you're interested in cybersecurity, this is 537 00:35:56,520 --> 00:36:01,480 a great way of doing it because it will introduce you to both at the same time while covering 538 00:36:01,480 --> 00:36:03,000 a topic that you're passionate about. 539 00:36:03,000 --> 00:36:08,400 So learning programming through osmosis is generally a very good thing. 540 00:36:08,400 --> 00:36:11,320 So again, thank you so much for joining us this week, Maryam. 541 00:36:11,320 --> 00:36:13,480 And congratulations on the book. 542 00:36:13,480 --> 00:36:15,440 And to all our listeners out there, thanks for listening. 543 00:36:15,440 --> 00:36:17,920 We hope you found this episode useful. 544 00:36:17,920 --> 00:36:19,760 Do go out and buy Maryam's book. 545 00:36:19,760 --> 00:36:21,920 And stay safe, and we'll see you next time. 546 00:36:21,920 --> 00:36:24,860 Thanks for listening to the Azure Security Podcast. 547 00:36:24,860 --> 00:36:31,680 You can find show notes and other resources at our website azsecuritypodcast.net. 548 00:36:31,680 --> 00:36:36,480 If you have any questions, please find us on Twitter at Azure Setpod. 549 00:36:36,480 --> 00:37:03,480 Background music is from ccmixtr.com and licensed under the Creative Commons license.