Using the Secret Management PowerShell Module with Azure Key Vault and Azure Automation, Saying Goodbye to Windows 10
+Automating Applocker Configuration for Intune
Hey everyone! Here’s to another great week of PowerShell content! I have a video out about my Ghost security module, which will be the first of many videos and repositories related to the module. I plan to announce v3 of Ghost at the Michigan Association of Education Data Systems conference in Traverse City, Michigan on October 29th.
PowerShell Videos
Here’s a video about my PowerShell module, Ghost. It disables unsafe protocols.
PowerShell Wednesday this week covers AutomatedLab, a powerful PowerShell module for building and automating virtual labs. Constantin Hager walks through creating a basic lab, then builds a more advanced environment with roles and custom configurations.
The PowerShell Podcast with Andrew Pla (from PDQ) had Adil Leghari where he discusses his career journey from PowerShell to cloud security at Palo Alto Networks, and how AI is changing cybersecurity. He also stresses the importance of empathy, authenticity, and mentorship in the tech community, especially as a kickoff for Cybersecurity Month.
PowerShell Community News
PowerShell 7.6.0 Preview 5 Release
Harm Veenstra has an interesting article on the PowerShell 7.6.0 Preview 5 Release, highlighting a long list of critical updates, fixes, and changes from the latest community-contributed preview version of PowerShell. Key updates include the renaming of the ThreadJob module, numerous improvements to cmdlets and the engine, and a long list of breaking changes, all available for non-production testing via WinGet or direct MSI installers.
https://powershellisfun.com/2025/10/17/powershell-7-6-0-preview-5-release/
Chris Vetter has a great article on applying DISA STIG settings with Microsoft Intune, exploring three advanced methods to enforce stringent security baselines that Intune does not natively support. The solutions presented include deploying PowerShell DSC (Desired State Configuration) as a Win32 app, creating Custom OMA-URI Profiles for MDM-accessible settings, and using PowerShell Remediation Scripts for continuous compliance and configuration drift management.
Using the Secret Management PowerShell Module with Azure Key Vault and Azure Automation
Tony Redmond has an interesting article on using the Secret Management PowerShell module to fetch and use credentials from Azure Key Vault within Azure Automation Runbooks. The post details how to install the necessary modules, register an Azure Key Vault, and then use the retrieved secrets to create a credentials object for cmdlets like Connect-IPPSSession, offering a more secure and centralized alternative to storing duplicate credentials as automation account resources.
https://office365itpros.com/2025/10/16/secret-management-azure-automation/
Jeff Hicks has a great article on managing temporary work in PowerShell, exploring the different locations where temporary files and directories are stored across Windows and non-Windows operating systems. He demonstrates how to access the temporary location using the $env:TEMP variable and the cross-platform .NET method [System.IO.Path]::GetTempPath(), and highlights the usefulness of the little-known New-TemporaryFile cmdlet for creating ephemeral files.
https://buttondown.com/behind-the-powershell-pipeline/archive/powershell-temporary-work/
The Struggles of Module Development - pr0mpt
Robert Prüst has a great article on the common struggles in PowerShell module development, shifting the focus from simple scripting to a more developer-centric mindset. The post covers essential topics like when to convert scripts to a module, establishing consistent naming conventions, using scaffolding tools for structure, implementing versioning and testing with tools like Pester and PSScriptAnalyzer, automating workflows with build scripts, and various methods for distributing the final module.
https://powershellpr0mpt.com/2025-10-07-the-struggles-of-module-development/
Automate Applocker configuration for Intune - NielsKok.Tech
Niels Kok has an interesting article on how to automate AppLocker policy creation for Microsoft Intune, using the open-source tool AaronLocker. The post details a process of installing necessary applications via a Win32App package on a sequencing machine, running AaronLocker to generate the AppLocker XML configuration based on those apps, and then using a separate script (linked from a previous post) to upload the resulting enforce policy as an Intune configuration profile.
https://www.nielskok.tech/intune/automate-applocker-configuration-for-intune/
Creating a Comprehensive Inactive Guest Account Report | Practical365
Tony Redmond has a great article on creating a comprehensive Inactive Guest Account Report, arguing that relying solely on the last sign-in date to determine inactivity is flawed and short-sighted. He provides a PowerShell script that uses Microsoft Graph to combine sign-in data with deeper insights from the unified audit log to identify real activity—like file modification or message posts—and uses this enriched data to make better, more intelligent decisions about which guest accounts should be kept or removed.
https://practical365.com/inactive-guest-account-report/
Windows 10’s last ride: Patch Tuesday and the end of an era
Brock Bingham from PDQ has an interesting article on the final Patch Tuesday for Windows 10, which officially reached end-of-life on October 14, 2025, marking the end of free updates unless users pay for the Extended Security Updates (ESU) program. The post also highlights that this major patch cycle included 173 fixes, with three vulnerabilities being actively exploited, and advises sysadmins to inventory systems, upgrade to Windows 11, or explore alternatives like ChromeOS Flex or Windows LTSC.
PowerShell Conference Europe 2026: Call for Speakers PowerShell Conference Europe 2026 has an interesting post about the Call for Speakers for their event in Wiesbaden, Germany, from June 1-4, 2026. Submissions for sessions are open until December 14, 2025, and they are looking for unique content ranging from Real-Life PowerShell and DevOps to soft skills, with options for 45-minute standard sessions or 90-minute follow-along/deep dive sessions.