PowerShell Task Automation Platform, which is often abused by threat actors distributing malware (opens in new tab), can also be used for attack detection and prevention. This is the advice the US National Security Agency (NSA) recently gave to system administrators everywhere.

Together with cybersecurity centers in the UK and New Zealand, the NSA has published a security advisory in which it argues that blocking PowerShell, a common security practice, actually reduces organizations’ defensive capabilities against ransomware. (opens in new tab) and other forms of cyber attacks.