This week was all about getting a clear picture: what we're setting out to do, what's happening in your environment, and how to start tightening things up without overwhelming your team. We are starting to make smart, early moves that quietly raise the bar for any would-be cybercriminals.
This webinar series is designed to be as technology-agnostic as possible. You don’t need ThreatLocker to participate, but it certainly helps.
If you want to follow along more easily, we’d be happy to help you get started with a ThreatLocker agent. Just book a demo to chat with a ThreatLocker Solutions Engineer and get a 30-day free trial to the entire ThreatLocker platform.
# Get all members of the local Administrators group
$adminGroup = [ADSI]"WinNT://./Administrators,group"
$adminMembers = @()
foreach ($member in $adminGroup.psbase.Invoke("Members")) {
$user = $member.GetType().InvokeMember("Name", 'GetProperty', $null, $member, $null)
$adminMembers += $user
}
# Get last logon info for each admin account
$adminInfo = foreach ($admin in $adminMembers) {
try {
$userAccount = Get-LocalUser -Name $admin -ErrorAction Stop
[PSCustomObject]@{
Username = $userAccount.Name
Enabled = $userAccount.Enabled
LastLogon = $userAccount.LastLogon
Description = $userAccount.Description
}
} catch {
Write-Warning "Could not retrieve info for $admin"
}
}
# Export to CSV
$adminInfo | Export-Csv -Path "$env:USERPROFILE\Desktop\AdminAccounts.csv" -NoTypeInformation
Write-Output "Admin account information exported to Desktop\AdminAccounts.csv"
Now, time to knock out your homework.
You're ready to go on to week 2 of the series!
Access the additional downloadable resource that will help you make the most of this webinar.
Whether you're starting from zero or organizing an inherited environment, this tactical checklist will help you fully secure your environment step by step.
There are 15 webinars, each approximately one hour long including an audience Q&A. If you put one webinar's recommendations per week, you will complete the series in approximately 100 days.
This series is for IT professionals ready to take control of their environment, whether you've just inherited one, are rebuilding from the ground up, or need to scale and secure what’s already in place.
No, you can implement the recommendations in all or only a few of the sessions, but we do recommend watching all of them in order, as we often build on the previous week's efforts.
No, the entire series, including the additional downloadable resources, is completely free.
Unfortunately, the badge was only available for people who attended the sessions live in May-August 2025.
Request your 30-day trial to the entire ThreatLocker platform today.
Try ThreatLocker