Session
Stop Writing Insecure PowerShell! Seriously.
Writing secure PowerShell doesn't need to be hard! There are tools available at no cost that will immediately help you secure your PowerShell code.
What we'll cover:
- A review of the in-box rules in PSScriptAnalyzer related to security.
- We'll look at how we can extend PSScriptAnalyzer rules with PowerShell InjectionHunter.
- How to create a custom PSScriptAnalyzer rule to cover something that might not exist yet.
- Wiring these up to a GitHub Actions workflow so we can run them not only locally but in our CI/CD pipeline as well.
- Using Microsoft.PowerShell.SecretManagement to keep sensitive API keys/tokens and passwords out of your code.
- Lastly, trust what you use. Are you pulling in a dependency? Things to look for when reviewing external code dependencies.
Writing more secure code is a time investment that is much cheaper than a breach. Use these tools to start writing secure PowerShell code today!