The PowerShell Podcast Cookie Monster Has Entered the Teams Chat with Miriam Wiesner

Recorded live at PSConfEU 2026, Andrew sits down with returning guest Miriam Wiesner, Senior Security Researcher at Microsoft, for a wide-ranging conversation on PowerShell security, cookie-based attacks, and the evolving threat landscape. Miriam walks through her two conference talks — one on Microsoft Teams session cookie hijacking (a follow-up to her 2025 Entra ID cookie talk, complete with Cookie Monster branding and actual handcuffs), and a joint session with Stéphane van Gulick on using Microsoft Defender’s Live Response feature for incident investigation. The conversation also covers the current state of PowerShell security, why sophisticated attackers are moving away from PowerShell, and why defenders who haven’t enabled script block logging and AMSI are leaving easy wins on the table. On top of the technical deep dive, Miriam and Andrew get into the human side of the conference community — nerves before presenting, imposter syndrome, and why showing up is already half the battle.