From 0646bca665e5cb644b80dc9f579b8c33ddf625f1 Mon Sep 17 00:00:00 2001
From: Jin Lin <linj@microsoft.com>
Date: Mon, 22 Feb 2021 16:53:30 -0800
Subject: [PATCH] Update enable-exploit-protection.md

Additional parameters for hardware-enforced stack protection (https://techcommunity.microsoft.com/t5/windows-kernel-internals/understanding-hardware-enforced-stack-protection/ba-p/1247815)
---
 .../microsoft-defender-atp/enable-exploit-protection.md          | 1 +
 1 file changed, 1 insertion(+)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/enable-exploit-protection.md b/windows/security/threat-protection/microsoft-defender-atp/enable-exploit-protection.md
index 046a880398..3f2f1e958a 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/enable-exploit-protection.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/enable-exploit-protection.md
@@ -228,6 +228,7 @@ This table lists the individual **Mitigations** (and **Audits**, when available)
 | Mitigation type | Applies to | Mitigation cmdlet parameter keyword | Audit mode cmdlet parameter |
 | :-------------- | :--------- | :---------------------------------- | :-------------------------- |
 | Control flow guard (CFG) | System and app-level |   `CFG`,   `StrictCFG`,   `SuppressExports`  | Audit not available |
+| Hardware-enforced Stack Protection | App-level only |   `UserShadowStack`,   `UserShadowStackStrictMode`  |   `AuditUserShadowStack` |
 | Data Execution Prevention (DEP) | System and app-level |   `DEP`,   `EmulateAtlThunks`  | Audit not available |
 | Force randomization for images (Mandatory ASLR) | System and app-level |   `ForceRelocateImages`  | Audit not available |
 | Randomize memory allocations (Bottom-Up ASLR) | System and app-level |   `BottomUp`,   `HighEntropy`  | Audit not available