Miriam Wiesner is the author of PowerShell Automation and Scripting for Cybersecurity we got the chance to sit down with her and find out more about her experience of writing with Packt.
Q: How did you become an author for Packt? Tell us about your journey. What was your motivation for writing this book?
Miriam: Writing a book is something that I always thought of as cool and fascinating, but I didn’t think that I actually would write one at some point. One day, Packt approached me via LinkedIn and asked me if I wanted to write a book on PowerShell Cybersecurity for them. Damn, did I feel flattered! When asked I thought at first that I would never manage to write it, although I was really interested in reading a book like this *laughs*. The more I thought about it, the more I became convinced that I already had the knowledge and expertise I needed. And so, I accepted.
Q: What is the name of your book?
Miriam: PowerShell Automation and Scripting for Cybersecurity: Hacking and defense for red and blue teamers.
Q: What kind of research did you do, and how long did you spend researching before beginning the book?
Miriam: Before beginning the actual work, I mostly researched how to structure a book, since I was completely new to writing. The actual technical research began when I started writing the chapters. During this process I read a lot of documentation and whitepapers to ensure that all the information I was putting into the book was valid. But to be honest, I have no idea how much time I spent in total.
Q: What key takeaways do you want readers to come away with from the book?
Miriam: PowerShell itself is not dangerous and it can help you enormously to improve your security. It is also quite useful for red teamers, as it is present on (almost) every Windows system, but if the company is heavy into monitoring and detection, you might ger easily detected when using PowerShell.
Q: Can you share any blogs, websites and forums to help readers gain a holistic view of the tech they are learning?
Miriam: Sure, there are so many great blogs and websites out there – too many to mention all of them here. I have linked many of them in my book. Either in the chapter or in the “Further Reading” section. All links that were mentioned in my book can be also found in the book’s GitHub repository in a condensed form.
Q. Did you face any challenges during the writing process? How did you overcome them?
Miriam: When you start writing you are full of motivation and energy. After some time, this energy fades as you become more used to writing. I spent a lot of time on the weekends or during my work week evenings on the book, which can be quite exhausting: you easily get distracted and start to procrastinate. I believe this was my biggest challenge. I overcame it by using the Pomodoro technique: you spend 25 minutes completely focused and then you have 5 minutes to do whatever you want and be distracted. This technique helped tremendously to get things done. Often, I even stretched my 25 minutes of focus time when I just wanted to finish a section.
Q. How would you describe your author journey with Packt? Would you recommend Packt to aspiring authors?
Miriam: I was a first-time author, so I had no clue what it’s like to work on a book with a publisher like Packt. A lot of the journey was about setting expectations and rearranging timelines if your original plans did not work out. If I ever write a book again, I think I would already prepare some parts of the chapters. Because once you start working with a publisher, everything becomes quite fast paced and you have to deliver and fulfill expectations.
Although Packt was sometimes quite pushy – which I did not always like *laughs* – this also helped me to get things done. But they were also very understanding if things did not work out due to unseen circumstances. I was very happy that I had such a great team in the background that was helping me to get my chapters from a draft status into the finalized chapter. So big thank you to my editors, my tech reviewers and all the great people that were involved in this project.
There were several stages: first I had to submit my first drafts which were reviewed by my senior editor, ensuring that I meet Packt’s style guides and that the chapter is complete: sometimes you just overlook a section that you haven’t finished when submitting the draft. Once the first draft was accepted, it was sent to my technical reviewers – all great professionals that I deeply respect and value.
Once the technical review was over, the chapter was sent to the editorial reviewers, who ensured that my grammar and vocabulary was on point. As a non-native English speaker writing in English, I was very happy about this step.
Finally, it was Packt’s turn to get the chapters to a finalized status, layout wise, which I had then to review and accept before the book went into the print. It was a lot of work, but in total I had a very pleasant experience working with Packt – especially with the great team I worked with.
Q. Why should readers choose this book over others already on the market? How would you differentiate your book from its competition?
Miriam: From what I know there is currently no book available that discusses PowerShell Cybersecurity in this detail. Additionally, we are not only looking into PowerShell solely, but also into other connected technologies like Active Directory or Entra ID (formerly Azure AD) and more. You will learn a lot of Security basics, as we are also looking into protocols and general attack possibilities – and all of that from a PowerShell perspective.
Q. What is/are your specialist tech area(s)?
Miriam: Cybersecurity, PowerShell, Active Directory & Entra ID Security, Windows Event Logs, Secure Infrastructure.
Q. What advice would you give to readers jumping into this technology? Do you have any top tips?
Miriam: Don’t be afraid to get your hands dirty: practice makes the difference! Set up a lab (e.g., by setting up virtual machines) and start playing around. Set checkpoints and don’t be afraid to break things in your test environment.
Q. What’s your take on the technologies discussed in the book? Where do you see these technologies heading in the future?
Miriam: Since PowerShell is preinstalled on every current Windows computer, it won’t go away that easily and Security is an always present topic, in my opinion. Applying the security recommendations discussed in my book would help to improve the posture of many IT environments. But it is not only PowerShell that people should take into consideration when talking about security. It is also the system and the infrastructure beneath that need to be hardened. PowerShell is a great technology that provides security by default, but it is only as secure as the system on which it is running. PowerShell provides great logging capabilities that other scripting languages don’t, but in the end, you also need someone who looks at those logs regularly and understands what is happening. So, no matter how secure your PowerShell setup is, you also need to invest in other areas, like hardening your environment, but also in monitoring to ensure that you spot malicious activities when they happen.
Q. How did you organize, plan, and prioritize your work and write the book?
Miriam: Before I started writing the book, I created an overview of it as well as a table of contents. This really helped me in the progress. While writing the structure changed a bit, as I was clearer on the content of every chapter. Like this I even added two more chapters that were not planned originally. The writing itself was quite tough: you had to repeatedly find the motivation to sit yourself down and work on the book, decline to spend time with friends and family and work long evening shifts.
Especially with a full-time day job, this was not always easy, but somehow, I pulled through. I usually worked on the book each evening for at least a few hours and allowed myself to only plan one leisure time activity each weekend, so that I had more time to work on the book. Additionally, my husband supported me tremendously – during this time he did all the household chores and had my back so that I could fully concentrate on the book.
Q. What are your favorite tech journals? How do you keep yourself up to date on tech?
Miriam: I don’t think that I do have a favorite tech journal. To get the latest news in tech, there was a time when I could recommend Twitter – now known as X – wholeheartedly. But there was a break at some point and many security professionals switched to Mastodon instead of Twitter. I for my part try to keep the balance and look into Twitter and Mastodon, as well as LinkedIn to get the latest news – using these sources you usually get the latest news even before media and magazines pick it up. Of course, I also read technical literature from time to time on topics that I find interesting.
Q. Would you like to share your social handles? If so, mention them below.
Miriam: Sure. Here you go:
Mastodon: @[email protected]
Q: What is that one writing tip that you found most crucial and would like to share with aspiring authors?
Miriam: Some days, you might find yourself unmotivated and it feels like you have lost all your creativity. Instead of skipping working on the book on days like this, just sit down and start working with the thought in mind of only working for 30 minutes – maybe just on another task than the one you were working on last. You might not be motivated at first, but after some minutes, your creativity flows back in, and you find yourself working way longer than you originally planned to. Just get started and it will get easier.
You can find Miriam’s book on Amazon by following this link: Please click here