PowerShell Protect

Audit and block PowerShell scripts on Windows

PowerShell Protect integrates with the Anti-Malware Scan Interface (AMSI) to scan scripts before they are run. Several built in rules allow for blocking know exploits while a custom rule engine allows you to define additional conditons to either audit or block. Built in auditing tools allow for integrating easily with a SIEM.

Default Blocking

Block suspicious behavior without having to configure PowerShell Protect at all.

Learn More

Custom Blocking

Block scripts based on rules defined with the PowerShell Protect configuration system.

Learn More

Audit

Audit script activity with HTTP, TCP, UDP, and files.

Learn More

Format

Format audit output to easily integrate with your SIEM.

Learn More

Deploy XML

Deploy PowerShell Protect configurations as a single XML document via Group Policy or the file system.

Learn More

Simple Install

Install the PowerShell Protect AMSI provider with a single PowerShell command.

Learn More