CISA, NSA and International Partners Release PowerShell Security Measures Guidance

CISA, NSA and International Partners Release PowerShell Security Measures Guidance 

The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), the New Zealand National Cyber Security Centre (NZ NCSC), and the United Kingdom’s National Cyber Security Centre (NCSC-UK) published a cybersecurity information sheet (CIS), “Keeping PowerShell: Security Measures to Use and Embrace,” with technical details on using PowerShell® and its security measures.

Recent versions of PowerShell can assist defenders in countering malicious abuse because they include improved capabilities, options, and enhanced security measures, such as the prevention, detection, and authentication capabilities.

Cybersecurity authorities from the United States, New Zealand, and the United Kingdom recommend proper configuration and monitoring of PowerShell – such as following the recommended guidance in this CIS – as opposed to removing or disabling PowerShell entirely.

CISA is posting information on our social media platforms. We appreciate you sharing this information and/or amplifying our social media with your community of followers.

Steve Lyddon
Protective Security Advisor, Region 5, Illinois
Cybersecurity & Infrastructure Security Agency
U.S. Department of Homeland Security
217-299-3954 / steven.lyddon@cisa.dhs.gov