The PowerShell Podcast

Andrew sits down with Leo D'Arcy, cloud solutions architect and PSConfEU speaker, to talk certificates, PKI infrastructure, and why so many organizations get it so spectacularly wrong. Leo shares how a decade of consulting work in remote access solutions pulled him into the world of Active Directory Certificate Services whether he liked it or not, and how that hands-on experience turned into conference talks and a genuine specialty. The conversation covers the difference between self-signed certs and proper CA infrastructure, why code signing deserves more attention than it gets, and how integrating signing into a CI/CD pipeline is less painful than it sounds. They also get into the "developer-ization" of IT, the underrated value of consulting experience for career growth, and why communicating across teams is just as important as knowing your PowerShell.
 
Key Takeaways:

Code signing through a CI/CD pipeline is a practical, scalable alternative to constrained language mode. By adding a signing step to your build process, you get cryptographic proof that scripts haven't been tampered with, without giving up flexibility in what you can run.

Self-signed certificates are essentially the same as having no certificate at all. A proper PKI means having a chain of trust, a policy behind how certs are issued, and infrastructure that your organization actually manages and maintains.

Technical depth only gets you so far. The people who advance in IT are the ones who can talk networking with network engineers, infrastructure with server teams, and business outcomes with leadership. Soft skills aren't a bonus, they're a multiplier.

Guest Bio:
Leo D'Arcy is a UK-based cloud solutions architect with nearly a decade of consulting background in Microsoft technologies, including Azure, remote access solutions, PKI, and Active Directory Certificate Services. He's a repeat speaker at PSConfEU and runs the Remote Access User Group community on Discord. He's currently focused on Azure landing zone architecture and large-scale PowerShell automation at a stakeholder advisory firm.
 
Resource Links:

Leo on GitHub: github.com/ld0614

PSConfEU: psconf.eu

Leo on Bluesky: https://bsky.app/profile/leodarcy.bsky.social

Leo on LinkedIn: https://www.linkedin.com/in/leodarcy/

Connect with Andrew: https://andrewpla.tech/links

Microsoft Remote Access User Group Discord: https://discord.aovpndpc.com/

The PowerShell Podcast on YouTube: https://youtu.be/BidUaXtwUNM

In this episode, Andrew chats with Adriano Carollo at PSConfEU about community, PowerShell Universal, AI, and what happens when you stop lurking and start talking to people. Adriano shares how PowerShell helped him grow from sysadmin into web apps, automation, and open source-style contribution, while Andrew reflects on learning, AI, and why enthusiasm still matters.  

Key Takeaways: 
· Community accelerates growth. Adriano came to PSConfEU after hearing Andrew encourage listeners to engage, and the payoff was immediate. 
· PowerShell Universal can open unexpected doors. Adriano describes using it daily to learn web development concepts like JavaScript, HTML, and React through PowerShell. 
· AI is most useful when it supports learning instead of replacing it. Both Andrew and Adriano talk about using AI for research, syntax help, documentation, and personal workflows while still valuing hands-on problem solving. 

Guest Bio: 
Adriano Carollo is a Berlin-based system administrator and PowerShell enthusiast who uses PowerShell Universal daily. He is active in the PowerShell Universal Discord community and is exploring automation, web apps, self-hosting, and entrepreneurship. 

Resource Links: 

PDQ Connect:https://www.pdq.com/pdq-connect/

PowerShell Scanner for PDQ Connect:https://www.pdq.com/blog/the-powershell-scanner-has-arrived-in-pdq-connect/

PowerShell Universal:https://powershelluniversal.com/

PSConfEU:https://psconf.eu/ 

PDQ Community Discord:https://discord.gg/pdq

Adriano C. https://linkedin.com/in/adriano-c-501203213

The PowerShell Podcast on YouTube: https://youtu.be/qLYqUF9gD9s

Recorded live at PSConfEU 2026, Andrew sits down with returning guest Miriam Wiesner, Senior Security Researcher at Microsoft, for a wide-ranging conversation on PowerShell security, cookie-based attacks, and the evolving threat landscape. Miriam walks through her two conference talks — one on Microsoft Teams session cookie hijacking (a follow-up to her 2025 Entra ID cookie talk, complete with Cookie Monster branding and actual handcuffs), and a joint session with Stéphane van Gulick on using Microsoft Defender's Live Response feature for incident investigation. The conversation also covers the current state of PowerShell security, why sophisticated attackers are moving away from PowerShell, and why defenders who haven't enabled script block logging and AMSI are leaving easy wins on the table. On top of the technical deep dive, Miriam and Andrew get into the human side of the conference community — nerves before presenting, imposter syndrome, and why showing up is already half the battle.

Key Takeaways:

Cookie-based identity attacks are an active and growing threat. Microsoft Teams, SharePoint, and OneDrive share session cookies, meaning a single cookie theft can give an attacker broad access across your organization's collaboration tools — no re-authentication required.

Sophisticated threat actors are moving away from PowerShell specifically because its security features work. Script block logging, AMSI, and Constrained Language Mode make PowerShell activity highly visible and detectable. If your org hasn't enabled these, you're handing attackers an easy path.

Visibility beats prevention. You can't prevent what you can't see. Detection through proper logging is not a consolation prize — it's a core security strategy, and Microsoft Defender's Live Response feature gives teams a powerful way to investigate isolated endpoints without needing RDP or PowerShell remoting enabled.

Guest Bio:
Miriam Wiesner is a Senior Security Research Program Manager at Microsoft with over 15 years of experience in IT security, penetration testing, and security automation. She works on research behind Microsoft Defender and Sentinel and is the creator of widely used open source PowerShell security tools EventList and JEAnalyzer. Miriam is a sought-after speaker at major security and PowerShell conferences including Black Hat, PSConfEU, and MITRE ATT&CK Workshops. She's also the author of "PowerShell Automation and Scripting for Cybersecurity," published by Packt. Her conference speaker career started at PSConfEU 2018 and she's been a fixture of the community ever since.

Resource Links
Miriam's 2025 Cookies talk - https://www.youtube.com/watch?v=8xDcq0pPNPs
Book – PowerShell Automation and Scripting for Cybersecurity (Packt): https://www.amazon.com/PowerShell-Automation-Scripting-Cybersecurity-Hacking/dp/1800566379
Miriam on LinkedIn: https://www.linkedin.com/in/miriamwiesner
Miriam on X/Twitter: https://x.com/MiriamXyra
Miriam's GitHub (EventList, JEAnalyzer, and more): https://github.com/miriamxyra
Miriam's Website: https://miriamxyra.com
Connect with Andrew: https://andrewpla.tech/links
The PowerShell Podcast on YouTube: https://youtu.be/zxJOqcEwgWE

Frank Lesniak joins Andrew Pla for a wide-ranging conversation that covers Frank's newly minted Microsoft MVP status, his journey through PowerShell, and what it looks like to build a real presence in the tech community. Frank talks through the pipeline struggles that tripped him up early on, how his VB Script and object-oriented background made the shift to PowerShell's object model feel disorienting, and how AI has quietly changed the way he approaches scripting today. The conversation takes a thoughtful turn as Andrew and Frank dig into impostor syndrome, the value of conference speaking, and how showing up consistently in the community compounds into a career. Frank also shares an update on DuPage Animal Friends, the nonprofit he serves, which supports one of the country's highest-performing open-admission animal shelters.

Key Takeaways:

The PowerShell pipeline is one of the most commonly cited stumbling blocks for newcomers, especially those coming from text-based scripting backgrounds. Learning to visualize what your objects look like at each stage of the pipeline, using tools like Get-Member, is a skill that pays dividends long term.

Showing up at conferences and user groups, even when you feel underprepared, is how you build the reps that eventually make it feel natural. Frank's consulting background gave him a head start on presentation skills, and he's clear that no one is born polished.

Community involvement and career growth are more connected than they might look from the outside. Engaging with people on GitHub, at events, and through open source creates a feedback loop that builds confidence and opens doors.

Guest Bio:
Frank Lesniak returns to The PowerShell Podcast, this time as a Microsoft MVP (Microsoft Azure, PowerShell). Frank is a Sr. Cybersecurity & Enterprise Technology Architect at West Monroe, where PowerShell runs through client work on corporate M&A: carve-outs, tenant-to-tenant migrations, identity consolidation, endpoint moves, and security posture improvement across Microsoft 365, Azure, Entra ID, Active Directory, Intune, Defender, and Windows.

Beyond consulting, Frank speaks at technical conferences, mentors first-time speakers, and publishes open-source PowerShell standards and tooling, including PSStyleGuide, GloryRole, and PSConnMon. His public work threads least-privilege identity, cloud role mining, cross-platform observability, and high-quality AI-assisted development through standards, automated tests, and automated code quality reviews.

Connect with Frank: https://linktr.ee/franklesniak
Connect with Andrew: https://andrewpla.tech/links
PSConnMon - PowerShell Network Monitoring - https://github.com/franklesniak/PSConnMon/
GloryRole - Automating Least-Privlege Azure and Entra ID Directory Roles - https://gloryrole.com
PowerShell Style Guide - https://github.com/franklesniak/PSStyleGuide
PowerShell Style Guide + Coding Agents Lightning Talk - https://github.com/devops-collective-inc/pshsummit26/tree/main/PowerShellStyleGuideForCodingAgentsAndHumans-Lesniak
Coding Agent Accelerator Template Repo (Coming Soon!) - https://github.com/franklesniak/copilot-repo-template
ProStateKit - the DSC v3-Intune Starter Kit - https://github.com/franklesniak/ProStateKit
ProStateKit Promotional Commercial - https://www.youtube.com/watch?v=cA5vMH522F0
macOSLab - Automating Legit macOS VMs - https://github.com/franklesniak/macOSLab
DuPage Animal Friends - https://www.dupageanimalfriends.org/
PDQ Discord: https://discord.gg/pdq
The PowerShell Podcast: https://www.pdq.com/resources/the-powershell-podcast/
Previous episodes with Frank Lesniak: https://powershellpodcast.podbean.com/?s=Frank+Lesniak
The PowerShell Podcast on YouTube: https://youtu.be/Eg-uEGaurmY

In this episode, host Andrew Pla sits down with Mark Littlefield, VP of Product at PDQ, for a wide-ranging conversation about product management, the PowerShell community, and what it looks like to deeply learn a technical domain when you're not coming from a traditional sysadmin background. Mark shares his journey from tech support to product management, what drew him to PDQ and the challenges facing IT admins, and what surprised him about PowerShell once he started paying close attention. The two also dig into the history behind PDQ Connect's PowerShell Scanner, how product teams learn from customers, the art of storytelling as a PM and sysadmin skill, and more.

Key Takeaways:

Product management and PowerShell automation share a core philosophy: solve problems at the root, not just on the surface. Whether you're writing a script or building a feature, the goal is to eliminate a challenge entirely rather than patch around it.

Understanding your customer requires more than data — it requires immersion. Mark describes going deep into the sysadmin world through customer interviews, internal usage, and community engagement to truly understand the problems facing IT teams.

Great storytelling is a transferable skill. Andrew draws a parallel between how Jeffrey Snover used the Monad Manifesto to get internal buy-in at Microsoft and how to use narrative to align teams and push ideas forward.

Guest Bio:
Mark Littlefield is the VP of Product at PDQ, where he leads product strategy and development for PDQ Connect and the broader PDQ product suite. With over 15 years of product management experience, Mark previously served as VP of Product Management at InsideSales.com, where he oversaw product management and design across the platform. He holds a Bachelor of Science in Information Systems with a focus on Business Intelligence from Utah Valley University and is based in Salt Lake City, Utah.

Resource Links:
PowerShell Event: https://www.pdq.com/save-time-with-powershell-pdq-connect/
PDQ Connect: https://www.pdq.com/pdq-connect/
PDQ PowerShell Scanners GitHub repository: https://github.com/pdqcom/PowerShell-Scanners
The Monad Manifesto (Microsoft Learn): https://learn.microsoft.com/en-us/powershell/scripting/developer/monad-manifesto?view=powershell-7.5
Monad Manifesto blog post by Jeffrey Snover: https://devblogs.microsoft.com/powershell/monad-manifesto-the-origin-of-windows-powershell/
Mark Littlefield on LinkedIn: https://www.linkedin.com/in/mark-littlefield/
Connect with Andrew: https://andrewpla.tech/links
PDQ Discord: https://discord.gg/pdq
The PowerShell Podcast on YouTube: https://youtu.be/fo2V5LC-EZo