PowerShell Protect
PowerShell Protect
Download
Pricing
About
Getting Started
Examples
Rules
Actions
Configuration
Licensing
Changelog
Powered by GitBook

Getting Started

Getting started with PowerShell Protect

PowerShell Protect can be installed from the PowerShell Gallery. 

Install-Module PowerShellProtect

To install the AMSI provider that is used to audit and block scripts, you will need to run the following command.

This command needs to be run as administrator. 

Install-PowerShellProtect

You will need a license key to use PowerShell Protect. You can request a trial key or purchase a license on our website. You can use the configuration cmdlets to install the license.

$Configuration = New-PSPConfiguration -License "<License></License>"
Set-PSPConfiguration -Configuration $Configuration -FileSystem

Once installed, the Default Rules will be enabled. You can also enable additional rules using the PowerShell Protect configuration cmdlets.

For example, this configuration will block and audit any script that contains a command with webrequest in the name. 

$Condition = New-PSPCondition -Property "command" -contains -Value "webrequest"
$BlockAction = New-PSPAction -Block
$FileAction = New-PSPAction -File -Format "{applicationName},{rule}" -Path "%temp%\audit.csv" -Name 'File'
$Rule = New-PSPRule -Name "Web Request" -Condition $Condition -Action @($BlockAction, $FileAction)
$Configuration = New-PSPConfiguration -License "<License></License>" -Rule $Rule
Set-PSPConfiguration -Configuration $Configuration -FileSystem
Previous
About
Next
Examples
Last updated 1 month ago