deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-11 04:47:23 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Merge pull request #8554 from vinaypamnani-msft/vp-move-test

Browse Source 
Move WDAC files to align with the security book
This commit is contained in:
Gary Moore 2023-07-25 13:41:24 -07:00 committed by GitHub
commit 09767dc3cd
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
256 changed files with 1133 additions and 1796 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

717
.openpublishing.redirection.json
View File

@ -21934,7 +21934,7 @@
"source_path": "windows/deployment/update/update-compliance-schema-wudostatus.md",
"redirect_url": "/windows/deployment/update/wufb-reports-overview",
"redirect_document_id": false
},
},
{
"source_path": "windows/deployment/update/update-compliance-schema-wudoaggregatedstatus.md",
"redirect_url": "/windows/deployment/update/wufb-reports-overview",
@ -21955,6 +21955,721 @@
"redirect_url": "/windows/security/security-foundations/index",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/select-types-of-rules-to-create",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/select-types-of-rules-to-create.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/select-types-of-rules-to-create",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/AppIdTagging/debugging-operational-guide-appid-tagging-policies.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/AppIdTagging/debugging-operational-guide-appid-tagging-policies",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/wdac-wizard.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/wdac-wizard-parsing-event-logs.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-parsing-event-logs",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/wdac-wizard-merging-policies.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-merging-policies",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/configure-authorized-apps-deployed-with-a-managed-installer.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/configure-authorized-apps-deployed-with-a-managed-installer",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/create-wdac-deny-policy.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/create-wdac-deny-policy",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/create-wdac-policy-for-fully-managed-devices.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/create-wdac-policy-for-fully-managed-devices",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/create-wdac-policy-for-lightly-managed-devices.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/create-wdac-policy-for-lightly-managed-devices",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/create-initial-default-policy.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/create-wdac-policy-using-reference-computer",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/deploy-multiple-wdac-policies",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/example-wdac-base-policies.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/example-wdac-base-policies",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/manage-packaged-apps-with-windows-defender-application-control.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/manage-packaged-apps-with-wdac",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-block-rules.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/microsoft-recommended-block-rules",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/microsoft-recommended-driver-block-rules",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/plan-windows-defender-application-control-management.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/plan-wdac-management",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/design/script-enforcement.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/script-enforcement",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/understand-windows-defender-application-control-policy-design-decisions.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/understand-wdac-policy-design-decisions",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/understanding-wdac-policy-settings.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/understanding-wdac-policy-settings",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-policy-to-control-specific-plug-ins-add-ins-and-modules.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/use-wdac-policy-to-control-specific-plug-ins-add-ins-and-modules",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-intelligent-security-graph.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/use-wdac-with-intelligent-security-graph",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-dynamic-code-security.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-and-dotnet",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-design-guide.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-design-guide",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/wdac-wizard-create-base-policy.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-create-base-policy",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/wdac-wizard-create-supplemental-policy.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-create-supplemental-policy",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/wdac-wizard-editing-policy.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-editing-policy",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/operations/citool-commands.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/operations/citool-commands",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/event-id-explanations.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/operations/event-id-explanations",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/event-tag-explanations.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/operations/event-tag-explanations",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/operations/inbox-wdac-policies.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/operations/inbox-wdac-policies",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/operations/known-issues.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/operations/known-issues",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/querying-application-control-events-centrally-using-advanced-hunting.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/operations/querying-application-control-events-centrally-using-advanced-hunting",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/operations/wdac-debugging-and-troubleshooting.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/operations/wdac-debugging-and-troubleshooting",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-operational-guide.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/operations/wdac-operational-guide",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/feature-availability.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/feature-availability",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/index.yml",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/index",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/configure-wdac-managed-installer.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/operations/configure-wdac-managed-installer",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/types-of-devices.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/common-wdac-use-cases",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/allow-com-object-registration-in-windows-defender-application-control-policy.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/allow-com-object-registration-in-wdac-policy",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-deployment-guide.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/deployment/wdac-deployment-guide",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/use-signed-policies-to-protect-windows-defender-application-control-against-tampering.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/deployment/use-signed-policies-to-protect-wdac-against-tampering",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/create-your-applocker-rules.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/create-your-applocker-rules",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/delete-an-applocker-rule.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/delete-an-applocker-rule",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/deploy-applocker-policies-by-using-the-enforce-rules-setting.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/deploy-applocker-policies-by-using-the-enforce-rules-setting",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/deploy-the-applocker-policy-into-production.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/deploy-the-applocker-policy-into-production",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/determine-group-policy-structure-and-rule-enforcement.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/determine-group-policy-structure-and-rule-enforcement",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/determine-which-applications-are-digitally-signed-on-a-reference-computer.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/determine-which-applications-are-digitally-signed-on-a-reference-computer",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/determine-your-application-control-objectives.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/determine-your-application-control-objectives",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/display-a-custom-url-message-when-users-try-to-run-a-blocked-application.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/display-a-custom-url-message-when-users-try-to-run-a-blocked-application",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/dll-rules-in-applocker.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/dll-rules-in-applocker",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/document-group-policy-structure-and-applocker-rule-enforcement.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/document-group-policy-structure-and-applocker-rule-enforcement",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/document-your-application-list.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/document-your-application-list",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/document-your-applocker-rules.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/document-your-applocker-rules",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/edit-an-applocker-policy.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/edit-an-applocker-policy",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/edit-applocker-rules.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/edit-applocker-rules",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/enable-the-dll-rule-collection.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/enable-the-dll-rule-collection",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/enforce-applocker-rules.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/enforce-applocker-rules",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/executable-rules-in-applocker.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/executable-rules-in-applocker",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/export-an-applocker-policy-from-a-gpo.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/export-an-applocker-policy-from-a-gpo",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/export-an-applocker-policy-to-an-xml-file.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/export-an-applocker-policy-to-an-xml-file",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/how-applocker-works-techref.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/how-applocker-works-techref",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/import-an-applocker-policy-from-another-computer.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/import-an-applocker-policy-from-another-computer",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/create-your-applocker-policies.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/create-your-applocker-policies",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/create-list-of-applications-deployed-to-each-business-group.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/create-list-of-applications-deployed-to-each-business-group",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/create-applocker-default-rules.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/create-applocker-default-rules",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-that-uses-a-publisher-condition.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/create-a-rule-that-uses-a-publisher-condition",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/AppIdTagging/deploy-appid-tagging-policies.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/AppIdTagging/deploy-appid-tagging-policies",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/AppIdTagging/design-create-appid-tagging-policies.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/AppIdTagging/design-create-appid-tagging-policies",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/AppIdTagging/windows-defender-application-control-appid-tagging-guide.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/AppIdTagging/wdac-appid-tagging-guide",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/add-rules-for-packaged-apps-to-existing-applocker-rule-set.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/add-rules-for-packaged-apps-to-existing-applocker-rule-set",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/administer-applocker.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/administer-applocker",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/applocker-architecture-and-components.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-architecture-and-components",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/applocker-functions.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-functions",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/applocker-overview.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-overview",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policies-deployment-guide.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-policies-deployment-guide",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policies-design-guide.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-policies-design-guide",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/import-an-applocker-policy-into-a-gpo.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/import-an-applocker-policy-into-a-gpo",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policy-use-scenarios.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-policy-use-scenarios",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/applocker-settings.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-settings",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/applocker-technical-reference.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-technical-reference",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/configure-an-applocker-policy-for-audit-only.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-an-applocker-policy-for-audit-only",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/configure-an-applocker-policy-for-enforce-rules.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-an-applocker-policy-for-enforce-rules",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/configure-exceptions-for-an-applocker-rule.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-exceptions-for-an-applocker-rule",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/configure-the-application-identity-service.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-the-application-identity-service",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/configure-the-appLocker-reference-device.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-the-appLocker-reference-device",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-for-packaged-apps.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/create-a-rule-for-packaged-apps",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-that-uses-a-file-hash-condition.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/create-a-rule-that-uses-a-file-hash-condition",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-that-uses-a-path-condition.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/create-a-rule-that-uses-a-path-condition",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/applocker-processes-and-interactions.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-processes-and-interactions",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/maintain-applocker-policies.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/maintain-applocker-policies",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/manage-packaged-apps-with-applocker.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/manage-packaged-apps-with-applocker",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/merge-applocker-policies-by-using-set-applockerpolicy.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/merge-applocker-policies-by-using-set-applockerpolicy",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/understanding-the-publisher-rule-condition-in-applocker.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-the-publisher-rule-condition-in-applocker",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/use-a-reference-computer-to-create-and-maintain-applocker-policies.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/use-a-reference-computer-to-create-and-maintain-applocker-policies",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/use-applocker-and-software-restriction-policies-in-the-same-domain.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/use-applocker-and-software-restriction-policies-in-the-same-domain",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/use-the-applocker-windows-powershell-cmdlets.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/use-the-applocker-windows-powershell-cmdlets",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/using-event-viewer-with-applocker.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/using-event-viewer-with-applocker",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/using-software-restriction-policies-and-applocker-policies.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/using-software-restriction-policies-and-applocker-policies",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/what-is-applocker.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/what-is-applocker",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/windows-installer-rules-in-applocker.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/windows-installer-rules-in-applocker",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/working-with-applocker-policies.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/working-with-applocker-policies",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/working-with-applocker-rules.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/working-with-applocker-rules",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/understanding-the-path-rule-condition-in-applocker.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-the-path-rule-condition-in-applocker",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/audit-windows-defender-application-control-policies.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/deployment/audit-wdac-policies",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/deploy-catalog-files-to-support-windows-defender-application-control.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/deployment/deploy-catalog-files-to-support-wdac",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/deployment/deploy-windows-defender-application-control-policies-using-group-policy.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/deployment/deploy-wdac-policies-using-group-policy",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/deployment/deploy-windows-defender-application-control-policies-using-intune.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/deployment/deploy-wdac-policies-using-intune",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/deployment/deploy-wdac-policies-with-memcm.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/deployment/deploy-wdac-policies-with-memcm",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/deployment/deploy-wdac-policies-with-script.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/deployment/deploy-wdac-policies-with-script",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/disable-windows-defender-application-control-policies.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/deployment/disable-wdac-policies",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/enforce-windows-defender-application-control-policies.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/deployment/enforce-wdac-policies",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/LOB-win32-apps-on-s.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/deployment/LOB-win32-apps-on-s",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/merge-windows-defender-application-control-policies.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/deployment/merge-wdac-policies",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/use-code-signing-to-simplify-application-control-for-classic-windows-applications.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/deployment/use-code-signing-for-better-control-and-protection",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/create-code-signing-cert-for-windows-defender-application-control.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/deployment/create-code-signing-cert-for-wdac",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/wdac-and-applocker-overview.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/wdac-and-applocker-overview",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/understanding-the-file-hash-rule-condition-in-applocker.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-the-file-hash-rule-condition-in-applocker",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-condition-types.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-rule-condition-types",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/merge-applocker-policies-manually.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/merge-applocker-policies-manually",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/monitor-application-usage-with-applocker.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/monitor-application-usage-with-applocker",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/optimize-applocker-performance.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/optimize-applocker-performance",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/packaged-apps-and-packaged-app-installer-rules-in-applocker.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/packaged-apps-and-packaged-app-installer-rules-in-applocker",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/plan-for-applocker-policy-management.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/plan-for-applocker-policy-management",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/refresh-an-applocker-policy.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/refresh-an-applocker-policy",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/requirements-for-deploying-applocker-policies.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/requirements-for-deploying-applocker-policies",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/requirements-to-use-applocker.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/requirements-to-use-applocker",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/run-the-automatically-generate-rules-wizard.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/run-the-automatically-generate-rules-wizard",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/script-rules-in-applocker.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/script-rules-in-applocker",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-exceptions.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-rule-exceptions",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/security-considerations-for-applocker.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/security-considerations-for-applocker",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/test-and-update-an-applocker-policy.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/test-and-update-an-applocker-policy",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/tools-to-use-with-applocker.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/tools-to-use-with-applocker",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-enforcement-settings.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/understand-applocker-enforcement-settings",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-policy-design-decisions.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/understand-applocker-policy-design-decisions",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-rules-and-enforcement-setting-inheritance-in-group-policy.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/understand-applocker-rules-and-enforcement-setting-inheritance-in-group-policy",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/understand-the-applocker-policy-deployment-process.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/understand-the-applocker-policy-deployment-process",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-allow-and-deny-actions-on-rules.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-allow-and-deny-actions-on-rules",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-default-rules.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-default-rules",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-behavior.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-rule-behavior",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-collections.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-rule-collections",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/test-an-applocker-policy-by-using-test-applockerpolicy.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/test-an-applocker-policy-by-using-test-applockerpolicy",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control.md",
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/wdac",
"redirect_document_id": false
},
{
"source_path": "windows/application-management/system-apps-windows-client-os.md",
"redirect_url": "/windows/application-management/apps-in-windows-10",

2
windows/security/application-security/application-control/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md
View File

@ -44,6 +44,6 @@ WDAC has no specific hardware or software requirements.
## Related articles
- [Windows Defender Application Control](../../threat-protection/windows-defender-application-control/windows-defender-application-control.md)
- [Windows Defender Application Control](windows-defender-application-control/wdac.md)
- [Memory integrity](../../hardware-security/enable-virtualization-based-protection-of-code-integrity.md)
- [Driver compatibility with memory integrity](https://techcommunity.microsoft.com/t5/windows-hardware-certification/driver-compatibility-with-device-guard-in-windows-10/ba-p/364865)

4
windows/security/application-security/application-control/toc.yml
View File

@ -10,6 +10,6 @@ items:
- name: Windows Defender Application Control and virtualization-based protection of code integrity
href: introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md
- name: Windows Defender Application Control
href: ../../threat-protection/windows-defender-application-control/windows-defender-application-control.md
href: windows-defender-application-control/wdac.md
- name: Smart App Control
href: ../../threat-protection/windows-defender-application-control/windows-defender-application-control.md
href: windows-defender-application-control/wdac.md

2
windows/security/application-security/application-control/user-account-control/settings-and-configuration.md
View File

@ -41,7 +41,7 @@ The following instructions provide details how to configure your devices. Select
To configure devices using Microsoft Intune, [create a **Settings catalog** policy][MEM-2], and use the settings listed under the category **`Local Policies Security Options`**:
:::image type="content" source="./images/uac-settings-catalog.png" alt-text="Screenshot that shows the UAC policies in the Intune settings catalog." lightbox="./images/uac-settings-catalog.png" border="True":::
:::image type="content" source="images/uac-settings-catalog.png" alt-text="Screenshot that shows the UAC policies in the Intune settings catalog." lightbox="images/uac-settings-catalog.png" border="True":::
Assign the policy to a security group that contains as members the devices or users that you want to configure.

22
windows/security/threat-protection/windows-defender-application-control/AppIdTagging/debugging-operational-guide-appid-tagging-policies.md → windows/security/application-security/application-control/windows-defender-application-control/AppIdTagging/debugging-operational-guide-appid-tagging-policies.md
View File

@ -1,35 +1,17 @@
---
title: Testing and Debugging AppId Tagging Policies
description: Testing and Debugging AppId Tagging Policies to ensure your policies are deployed successfully.
keywords: security, malware
ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb
ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
audience: ITPro
author: jgeurten
ms.reviewer: jsuther1974
ms.author: vinpa
manager: aaroncz
ms.date: 04/29/2022
ms.technology: itpro-security
ms.topic: article
---
# Testing and Debugging AppId Tagging Policies
**Applies to:**
- Windows 10
- Windows 11
- Windows Server 2016 and above
> [!NOTE]
> Some capabilities of Windows Defender Application Control (WDAC) are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](../feature-availability.md).
After deployment of the WDAC AppId Tagging policy, WDAC will log a 3099 policy deployed event in the [Event Viewer logs](../event-id-explanations.md). You first should ensure that the policy has been successfully deployed onto the system by verifying the presence of the 3099 event.
After deployment of the WDAC AppId Tagging policy, WDAC will log a 3099 policy deployed event in the [Event Viewer logs](../operations/event-id-explanations.md). You first should ensure that the policy has been successfully deployed onto the system by verifying the presence of the 3099 event.
## Verifying Tags on Running Processes
@ -53,4 +35,4 @@ After verifying the policy has been deployed, the next step is to verify that th
Lastly, in the textbox, type `!token` and then press the Enter key to dump the security attributes on the process, including the _POLICYAPPID://_ followed by the key you set in the policy, and its corresponding value in the Value[0] field.
![Dump the security attributes on the process using WinDbg.](../images/appid-pid-windbg-token.png)
![Dump the security attributes on the process using WinDbg.](../images/appid-pid-windbg-token.png)

14
windows/security/threat-protection/windows-defender-application-control/AppIdTagging/deploy-appid-tagging-policies.md → windows/security/application-security/application-control/windows-defender-application-control/AppIdTagging/deploy-appid-tagging-policies.md
View File

@ -1,25 +1,13 @@
---
title: Deploying Windows Defender Application Control AppId tagging policies
description: How to deploy your WDAC AppId tagging policies locally and globally within your managed environment.
ms.prod: windows-client
ms.localizationpriority: medium
author: jgeurten
ms.reviewer: jsuther1974
ms.author: vinpa
manager: aaroncz
ms.date: 04/29/2022
ms.technology: itpro-security
ms.topic: article
---
# Deploying Windows Defender Application Control AppId tagging policies
**Applies to:**
- Windows 10
- Windows 11
- Windows Server 2016 and later
> [!NOTE]
> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. For more information, see [Windows Defender Application Control feature availability](../feature-availability.md).
@ -32,7 +20,7 @@ Similar to Windows Defender Application Control (WDAC) policies, WDAC AppId tagg
## Deploy AppId tagging policies with MDM
Custom AppId tagging policies can be deployed to endpoints using [the OMA-URI feature in MDM](../deployment/deploy-windows-defender-application-control-policies-using-intune.md#deploy-wdac-policies-with-custom-oma-uri).
Custom AppId tagging policies can be deployed to endpoints using [the OMA-URI feature in MDM](../deployment/deploy-wdac-policies-using-intune.md#deploy-wdac-policies-with-custom-oma-uri).
## Deploy AppId tagging policies with Configuration Manager

32
windows/security/threat-protection/windows-defender-application-control/AppIdTagging/design-create-appid-tagging-policies.md → windows/security/application-security/application-control/windows-defender-application-control/AppIdTagging/design-create-appid-tagging-policies.md
View File

@ -1,41 +1,23 @@
---
title: Create your Windows Defender Application Control AppId Tagging Policies
description: Create your Windows Defender Application Control AppId tagging policies for Windows devices.
keywords: security, malware
ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb
ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
audience: ITPro
author: jgeurten
ms.reviewer: jsuther1974
ms.author: vinpa
manager: aaroncz
ms.date: 04/29/2022
ms.technology: itpro-security
ms.topic: article
---
# Creating your WDAC AppId Tagging Policies
**Applies to:**
- Windows 10
- Windows 11
- Windows Server 2016 and above
> [!NOTE]
> Some capabilities of Windows Defender Application Control (WDAC) are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](../feature-availability.md).
## Create the policy using the WDAC Wizard
You can use the Windows Defender Application Control (WDAC) Wizard and the PowerShell commands to create an application control policy and convert it to an AppIdTagging policy. The WDAC Wizard is available for download at the [WDAC Wizard Installer site](https://aka.ms/wdacwizard). These PowerShell commands are only available on the supported platforms listed in [AppId Tagging Guide](./windows-defender-application-control-appid-tagging-guide.md).
You can use the Windows Defender Application Control (WDAC) Wizard and the PowerShell commands to create an application control policy and convert it to an AppIdTagging policy. The WDAC Wizard is available for download at the [WDAC Wizard Installer site](https://aka.ms/wdacwizard). These PowerShell commands are only available on the supported platforms listed in [AppId Tagging Guide](wdac-appid-tagging-guide.md).
1. Create a new base policy using the templates:
Start with the Policy Creator task and select Multiple Policy Format and Base Policy. Select the Base Template to use for the policy. The following example shows beginning with the [Default Windows Mode](../wdac-wizard-create-base-policy.md#template-base-policies) template and build on top of these rules.
Start with the Policy Creator task and select Multiple Policy Format and Base Policy. Select the Base Template to use for the policy. The following example shows beginning with the [Default Windows Mode](../design/wdac-wizard-create-base-policy.md#template-base-policies) template and build on top of these rules.
![Configuring the policy base and template.](../images/appid-wdac-wizard-1.png)
@ -43,7 +25,6 @@ You can use the Windows Defender Application Control (WDAC) Wizard and the Power
> If your AppId Tagging Policy does build off the base templates or does not allow Windows in-box processes, you will notice significant performance regressions, especially during boot. For this reason, it is strongly recommended to build off the base templates.
For more information on the issue, see the [AppId Tagging Known Issue](../operations/known-issues.md#slow-boot-and-performance-with-custom-policies).
2. Set the following rule-options using the Wizard toggles:
![Configuring the policy rule-options.](../images/appid-wdac-wizard-2.png)
@ -58,8 +39,7 @@ You can use the Windows Defender Application Control (WDAC) Wizard and the Power
- Package app name rules: Create a rule based off the package family name of an appx/msix.
- Hash rules: Create a rule based off the PE Authenticode hash of a file.
For more information on creating new policy file rules, see the guidelines provided in the [creating policy file rules section](../wdac-wizard-create-base-policy.md#creating-custom-file-rules).
For more information on creating new policy file rules, see the guidelines provided in the [creating policy file rules section](../design/wdac-wizard-create-base-policy.md#creating-custom-file-rules).
4. Convert to AppId Tagging Policy:
@ -72,9 +52,9 @@ You can use the Windows Defender Application Control (WDAC) Wizard and the Power
## Create the policy using PowerShell
Using this method, you create an AppId Tagging policy directly using the WDAC PowerShell commands. These PowerShell commands are only available on the supported platforms listed in [AppId Tagging Guide](./windows-defender-application-control-appid-tagging-guide.md). In an elevate PowerShell instance:
Using this method, you create an AppId Tagging policy directly using the WDAC PowerShell commands. These PowerShell commands are only available on the supported platforms listed in [AppId Tagging Guide](wdac-appid-tagging-guide.md). In an elevate PowerShell instance:
1. Create an AppId rule for the policy based on a combination of the signing certificate chain and version of the application. In the example below, the level has been set to SignedVersion. Any of the [WDAC File Rule Levels](../select-types-of-rules-to-create.md#table-2-windows-defender-application-control-policy---file-rule-levels) can be used in AppId rules:
1. Create an AppId rule for the policy based on a combination of the signing certificate chain and version of the application. In the example below, the level has been set to SignedVersion. Any of the [WDAC File Rule Levels](../design/select-types-of-rules-to-create.md#table-2-windows-defender-application-control-policy---file-rule-levels) can be used in AppId rules:
```powershell
$rule = New-CiPolicyRule -Level SignedVersion -DriverFilePath <path_to_application>
@ -121,4 +101,4 @@ After creating your AppId Tagging policy in the above steps, you can deploy the
RefreshPolicy.exe is available for download from the [Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=102925).
## Next Steps
For more information on debugging and broad deployment of the AppId Tagging policy, see [Debugging AppId policies](./debugging-operational-guide-appid-tagging-policies.md) and [Deploying AppId policies](deploy-appid-tagging-policies.md).
For more information on debugging and broad deployment of the AppId Tagging policy, see [Debugging AppId policies](debugging-operational-guide-appid-tagging-policies.md) and [Deploying AppId policies](deploy-appid-tagging-policies.md).

20
windows/security/threat-protection/windows-defender-application-control/AppIdTagging/windows-defender-application-control-appid-tagging-guide.md → windows/security/application-security/application-control/windows-defender-application-control/AppIdTagging/wdac-appid-tagging-guide.md
View File

@ -1,31 +1,13 @@
---
title: Designing, creating, managing and troubleshooting Windows Defender Application Control AppId Tagging policies
title: Designing, creating, managing and troubleshooting Windows Defender Application Control AppId Tagging policies
description: How to design, create, manage and troubleshoot your WDAC AppId Tagging policies
keywords: security, malware, firewall
ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb
ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
audience: ITPro
author: jgeurten
ms.reviewer: jsuther1974
ms.author: vinpa
manager: aaroncz
ms.date: 04/27/2022
ms.technology: itpro-security
ms.topic: article
---
# WDAC Application ID (AppId) Tagging guide
**Applies to**
- Windows 10
- Windows 11
- Windows Server 2022 and above
> [!NOTE]
> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](../feature-availability.md).

92
windows/security/threat-protection/windows-defender-application-control/TOC.yml → windows/security/application-security/application-control/windows-defender-application-control/TOC.yml
View File

@ -1,7 +1,7 @@
- name: Application Control for Windows
href: index.yml
- name: About application control for Windows
href: windows-defender-application-control.md
href: wdac.md
expanded: true
items:
- name: WDAC and AppLocker Overview
@ -9,120 +9,120 @@
- name: WDAC and AppLocker Feature Availability
href: feature-availability.md
- name: Virtualization-based protection of code integrity
href: ../../application-security/application-control/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md
href: ../introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md
- name: WDAC design guide
href: windows-defender-application-control-design-guide.md
href: design/wdac-design-guide.md
items:
- name: Plan for WDAC policy lifecycle management
href: plan-windows-defender-application-control-management.md
href: design/plan-wdac-management.md
- name: Design your WDAC policy
items:
- name: Understand WDAC policy design decisions
href: understand-windows-defender-application-control-policy-design-decisions.md
href: design/understand-wdac-policy-design-decisions.md
- name: Understand WDAC policy rules and file rules
href: select-types-of-rules-to-create.md
href: design/select-types-of-rules-to-create.md
items:
- name: Allow apps installed by a managed installer
href: configure-authorized-apps-deployed-with-a-managed-installer.md
href: design/configure-authorized-apps-deployed-with-a-managed-installer.md
- name: Allow reputable apps with Intelligent Security Graph (ISG)
href: use-windows-defender-application-control-with-intelligent-security-graph.md
href: design/use-wdac-with-intelligent-security-graph.md
- name: Allow COM object registration
href: allow-com-object-registration-in-windows-defender-application-control-policy.md
href: design/allow-com-object-registration-in-wdac-policy.md
- name: Use WDAC with .NET hardening
href: use-windows-defender-application-control-with-dynamic-code-security.md
href: design/wdac-and-dotnet.md
- name: Script enforcement with Windows Defender Application Control
href: design/script-enforcement.md
- name: Manage packaged apps with WDAC
href: manage-packaged-apps-with-windows-defender-application-control.md
href: design/manage-packaged-apps-with-wdac.md
- name: Use WDAC to control specific plug-ins, add-ins, and modules
href: use-windows-defender-application-control-policy-to-control-specific-plug-ins-add-ins-and-modules.md
href: design/use-wdac-policy-to-control-specific-plug-ins-add-ins-and-modules.md
- name: Understand WDAC policy settings
href: understanding-wdac-policy-settings.md
href: design/understanding-wdac-policy-settings.md
- name: Use multiple WDAC policies
href: deploy-multiple-windows-defender-application-control-policies.md
href: design/deploy-multiple-wdac-policies.md
- name: Create your WDAC policy
items:
- name: Example WDAC base policies
href: example-wdac-base-policies.md
href: design/example-wdac-base-policies.md
- name: Policy creation for common WDAC usage scenarios
href: types-of-devices.md
href: design/common-wdac-use-cases.md
items:
- name: Create a WDAC policy for lightly managed devices
href: create-wdac-policy-for-lightly-managed-devices.md
href: design/create-wdac-policy-for-lightly-managed-devices.md
- name: Create a WDAC policy for fully managed devices
href: create-wdac-policy-for-fully-managed-devices.md
href: design/create-wdac-policy-for-fully-managed-devices.md
- name: Create a WDAC policy for fixed-workload devices
href: create-initial-default-policy.md
href: design/create-wdac-policy-using-reference-computer.md
- name: Create a WDAC deny list policy
href: create-wdac-deny-policy.md
href: design/create-wdac-deny-policy.md
- name: Microsoft recommended block rules
href: microsoft-recommended-block-rules.md
href: design/microsoft-recommended-block-rules.md
- name: Microsoft recommended driver block rules
href: microsoft-recommended-driver-block-rules.md
href: design/microsoft-recommended-driver-block-rules.md
- name: Use the WDAC Wizard tool
href: wdac-wizard.md
href: design/wdac-wizard.md
items:
- name: Create a base WDAC policy with the Wizard
href: wdac-wizard-create-base-policy.md
href: design/wdac-wizard-create-base-policy.md
- name: Create a supplemental WDAC policy with the Wizard
href: wdac-wizard-create-supplemental-policy.md
href: design/wdac-wizard-create-supplemental-policy.md
- name: Editing a WDAC policy with the Wizard
href: wdac-wizard-editing-policy.md
href: design/wdac-wizard-editing-policy.md
- name: Creating WDAC Policy Rules from WDAC Events
href: wdac-wizard-parsing-event-logs.md
href: design/wdac-wizard-parsing-event-logs.md
- name: Merging multiple WDAC policies with the Wizard
href: wdac-wizard-merging-policies.md
href: design/wdac-wizard-merging-policies.md
- name: WDAC deployment guide
href: windows-defender-application-control-deployment-guide.md
href: deployment/wdac-deployment-guide.md
items:
- name: Deploy WDAC policies with MDM
href: deployment/deploy-windows-defender-application-control-policies-using-intune.md
href: deployment/deploy-wdac-policies-using-intune.md
- name: Deploy WDAC policies with Configuration Manager
href: deployment/deploy-wdac-policies-with-memcm.md
- name: Deploy WDAC policies with script
href: deployment/deploy-wdac-policies-with-script.md
- name: Deploy WDAC policies with group policy
href: deployment/deploy-windows-defender-application-control-policies-using-group-policy.md
href: deployment/deploy-wdac-policies-using-group-policy.md
- name: Audit WDAC policies
href: audit-windows-defender-application-control-policies.md
href: deployment/audit-wdac-policies.md
- name: Merge WDAC policies
href: merge-windows-defender-application-control-policies.md
href: deployment/merge-wdac-policies.md
- name: Enforce WDAC policies
href: enforce-windows-defender-application-control-policies.md
href: deployment/enforce-wdac-policies.md
- name: Use code signing for added control and protection with WDAC
href: use-code-signing-to-simplify-application-control-for-classic-windows-applications.md
href: deployment/use-code-signing-for-better-control-and-protection.md
items:
- name: Deploy catalog files to support WDAC
href: deploy-catalog-files-to-support-windows-defender-application-control.md
href: deployment/deploy-catalog-files-to-support-wdac.md
- name: Use signed policies to protect Windows Defender Application Control against tampering
href: use-signed-policies-to-protect-windows-defender-application-control-against-tampering.md
href: deployment/use-signed-policies-to-protect-wdac-against-tampering.md
- name: "Optional: Create a code signing cert for WDAC"
href: create-code-signing-cert-for-windows-defender-application-control.md
href: deployment/create-code-signing-cert-for-wdac.md
- name: Disable WDAC policies
href: disable-windows-defender-application-control-policies.md
href: deployment/disable-wdac-policies.md
- name: LOB Win32 Apps on S Mode
href: LOB-win32-apps-on-s.md
href: deployment/LOB-win32-apps-on-s.md
- name: WDAC operational guide
href: windows-defender-application-control-operational-guide.md
href: operations/wdac-operational-guide.md
items:
- name: WDAC debugging and troubleshooting
href: operations/wdac-debugging-and-troubleshooting.md
- name: Understanding Application Control event IDs
href: event-id-explanations.md
href: operations/event-id-explanations.md
- name: Understanding Application Control event tags
href: event-tag-explanations.md
href: operations/event-tag-explanations.md
- name: Query WDAC events with Advanced hunting
href: querying-application-control-events-centrally-using-advanced-hunting.md
href: operations/querying-application-control-events-centrally-using-advanced-hunting.md
- name: Known Issues
href: operations/known-issues.md
- name: Managed installer and ISG technical reference and troubleshooting guide
href: configure-wdac-managed-installer.md
href: operations/configure-wdac-managed-installer.md
- name: CITool.exe technical reference
href: operations/citool-commands.md
- name: Inbox WDAC policies
href: operations/inbox-wdac-policies.md
- name: WDAC AppId Tagging guide
href: AppIdTagging/windows-defender-application-control-appid-tagging-guide.md
href: AppIdTagging/wdac-appid-tagging-guide.md
items:
- name: Creating AppId Tagging Policies
href: AppIdTagging/design-create-appid-tagging-policies.md

6
windows/security/threat-protection/windows-defender-application-control/applocker/add-rules-for-packaged-apps-to-existing-applocker-rule-set.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/add-rules-for-packaged-apps-to-existing-applocker-rule-set.md
View File

@ -1,15 +1,9 @@
---
title: Add rules for packaged apps to existing AppLocker rule-set
description: This topic for IT professionals describes how to update your existing AppLocker policies for packaged apps using the Remote Server Administration Toolkit (RSAT).
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Add rules for packaged apps to existing AppLocker rule-set

6
windows/security/threat-protection/windows-defender-application-control/applocker/administer-applocker.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/administer-applocker.md
View File

@ -1,15 +1,9 @@
---
title: Administer AppLocker
description: This topic for IT professionals provides links to specific procedures to use when administering AppLocker policies.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 02/28/2019
ms.technology: itpro-security
---
# Administer AppLocker

6
windows/security/threat-protection/windows-defender-application-control/applocker/applocker-architecture-and-components.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-architecture-and-components.md
View File

@ -1,15 +1,9 @@
---
title: AppLocker architecture and components
description: This topic for IT professional describes AppLockers basic architecture and its major components.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# AppLocker architecture and components

6
windows/security/threat-protection/windows-defender-application-control/applocker/applocker-functions.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-functions.md
View File

@ -1,15 +1,9 @@
---
title: AppLocker functions
description: This article for the IT professional lists the functions and security levels for the Software Restriction Policies (SRP) and AppLocker features.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# AppLocker functions

3
windows/security/threat-protection/windows-defender-application-control/applocker/applocker-overview.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-overview.md
View File

@ -1,9 +1,6 @@
---
title: AppLocker
description: This article provides a description of AppLocker and can help you decide if your organization can benefit from deploying AppLocker application control policies.
ms.author: vinpa
author: vinaypamnani-msft
manager: aaroncz
ms.collection:
- highpri
- tier3

6
windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policies-deployment-guide.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-policies-deployment-guide.md
View File

@ -1,15 +1,9 @@
---
title: AppLocker deployment guide
description: This topic for IT professionals introduces the concepts and describes the steps required to deploy AppLocker policies.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# AppLocker deployment guide

6
windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policies-design-guide.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-policies-design-guide.md
View File

@ -1,15 +1,9 @@
---
title: AppLocker design guide
description: This topic for the IT professional introduces the design and planning steps required to deploy application control policies by using AppLocker.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# AppLocker design guide

6
windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policy-use-scenarios.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-policy-use-scenarios.md
View File

@ -1,15 +1,9 @@
---
title: AppLocker policy use scenarios
description: This topic for the IT professional lists the various application control scenarios in which AppLocker policies can be effectively implemented.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# AppLocker policy use scenarios

6
windows/security/threat-protection/windows-defender-application-control/applocker/applocker-processes-and-interactions.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-processes-and-interactions.md
View File

@ -1,15 +1,9 @@
---
title: AppLocker processes and interactions
description: This topic for the IT professional describes the process dependencies and interactions when AppLocker evaluates and enforces rules.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# AppLocker processes and interactions

6
windows/security/threat-protection/windows-defender-application-control/applocker/applocker-settings.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-settings.md
View File

@ -1,15 +1,9 @@
---
title: AppLocker settings
description: This topic for the IT professional lists the settings used by AppLocker.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# AppLocker settings

6
windows/security/threat-protection/windows-defender-application-control/applocker/applocker-technical-reference.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-technical-reference.md
View File

@ -1,15 +1,9 @@
---
title: AppLocker technical reference
description: This overview topic for IT professionals provides links to the topics in the technical reference.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# AppLocker technical reference

6
windows/security/threat-protection/windows-defender-application-control/applocker/configure-an-applocker-policy-for-audit-only.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-an-applocker-policy-for-audit-only.md
View File

@ -1,15 +1,9 @@
---
title: Configure an AppLocker policy for audit only
description: This topic for IT professionals describes how to set AppLocker policies to Audit only within your IT environment by using AppLocker.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 06/08/2018
ms.technology: itpro-security
---
# Configure an AppLocker policy for audit only

6
windows/security/threat-protection/windows-defender-application-control/applocker/configure-an-applocker-policy-for-enforce-rules.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-an-applocker-policy-for-enforce-rules.md
View File

@ -1,15 +1,9 @@
---
title: Configure an AppLocker policy for enforce rules
description: This topic for IT professionals describes the steps to enable the AppLocker policy enforcement setting.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Configure an AppLocker policy for enforce rules

6
windows/security/threat-protection/windows-defender-application-control/applocker/configure-exceptions-for-an-applocker-rule.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-exceptions-for-an-applocker-rule.md
View File

@ -1,15 +1,9 @@
---
title: Add exceptions for an AppLocker rule
description: This topic for IT professionals describes the steps to specify which apps can or cannot run as exceptions to an AppLocker rule.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Add exceptions for an AppLocker rule

6
windows/security/threat-protection/windows-defender-application-control/applocker/configure-the-appLocker-reference-device.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-the-appLocker-reference-device.md
View File

@ -1,15 +1,9 @@
---
title: Configure the AppLocker reference device
description: This topic for the IT professional describes the steps to create an AppLocker policy platform structure on a reference computer.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Configure the AppLocker reference device

6
windows/security/threat-protection/windows-defender-application-control/applocker/configure-the-application-identity-service.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-the-application-identity-service.md
View File

@ -1,15 +1,9 @@
---
title: Configure the Application Identity service
description: This topic for IT professionals shows how to configure the Application Identity service to start automatically or manually.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 07/01/2021
ms.technology: itpro-security
---
# Configure the Application Identity service

6
windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-for-packaged-apps.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/create-a-rule-for-packaged-apps.md
View File

@ -1,15 +1,9 @@
---
title: Create a rule for packaged apps
description: This article for IT professionals shows how to create an AppLocker rule for packaged apps with a publisher condition.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Create a rule for packaged apps

6
windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-that-uses-a-file-hash-condition.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/create-a-rule-that-uses-a-file-hash-condition.md
View File

@ -1,15 +1,9 @@
---
title: Create a rule that uses a file hash condition
description: This topic for IT professionals shows how to create an AppLocker rule with a file hash condition.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Create a rule that uses a file hash condition

6
windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-that-uses-a-path-condition.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/create-a-rule-that-uses-a-path-condition.md
View File

@ -1,15 +1,9 @@
---
title: Create a rule that uses a path condition
description: This topic for IT professionals shows how to create an AppLocker rule with a path condition.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Create a rule that uses a path condition

6
windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-that-uses-a-publisher-condition.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/create-a-rule-that-uses-a-publisher-condition.md
View File

@ -1,15 +1,9 @@
---
title: Create a rule that uses a publisher condition
description: This topic for IT professionals shows how to create an AppLocker rule with a publisher condition.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Create a rule that uses a publisher condition

6
windows/security/threat-protection/windows-defender-application-control/applocker/create-applocker-default-rules.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/create-applocker-default-rules.md
View File

@ -1,15 +1,9 @@
---
title: Create AppLocker default rules
description: This topic for IT professionals describes the steps to create a standard set of AppLocker rules that will allow Windows system files to run.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Create AppLocker default rules

6
windows/security/threat-protection/windows-defender-application-control/applocker/create-list-of-applications-deployed-to-each-business-group.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/create-list-of-applications-deployed-to-each-business-group.md
View File

@ -1,15 +1,9 @@
---
title: Create a list of apps deployed to each business group
description: This topic describes the process of gathering app usage requirements from each business group to implement application control policies by using AppLocker.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Create a list of apps deployed to each business group

6
windows/security/threat-protection/windows-defender-application-control/applocker/create-your-applocker-policies.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/create-your-applocker-policies.md
View File

@ -1,15 +1,9 @@
---
title: Create Your AppLocker policies
description: This overview topic for the IT professional describes the steps to create an AppLocker policy and prepare it for deployment.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Create Your AppLocker policies

6
windows/security/threat-protection/windows-defender-application-control/applocker/create-your-applocker-rules.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/create-your-applocker-rules.md
View File

@ -1,15 +1,9 @@
---
title: Create Your AppLocker rules
description: This topic for the IT professional describes what you need to know about AppLocker rules and the methods that you can to create rules.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Create Your AppLocker rules

6
windows/security/threat-protection/windows-defender-application-control/applocker/delete-an-applocker-rule.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/delete-an-applocker-rule.md
View File

@ -1,15 +1,9 @@
---
title: Delete an AppLocker rule
description: This article for IT professionals describes the steps to delete an AppLocker rule.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 03/10/2023
ms.technology: itpro-security
---
# Delete an AppLocker rule

6
windows/security/threat-protection/windows-defender-application-control/applocker/deploy-applocker-policies-by-using-the-enforce-rules-setting.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/deploy-applocker-policies-by-using-the-enforce-rules-setting.md
View File

@ -1,15 +1,9 @@
---
title: Deploy AppLocker policies by using the enforce rules setting
description: This topic for IT professionals describes the steps to deploy AppLocker policies by using the enforcement setting method.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Deploy AppLocker policies by using the enforce rules setting

6
windows/security/threat-protection/windows-defender-application-control/applocker/deploy-the-applocker-policy-into-production.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/deploy-the-applocker-policy-into-production.md
View File

@ -1,15 +1,9 @@
---
title: Deploy the AppLocker policy into production
description: This topic for the IT professional describes the tasks that should be completed before you deploy AppLocker application control settings.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Deploy the AppLocker policy into production

6
windows/security/threat-protection/windows-defender-application-control/applocker/determine-group-policy-structure-and-rule-enforcement.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/determine-group-policy-structure-and-rule-enforcement.md
View File

@ -1,15 +1,9 @@
---
title: Determine the Group Policy structure and rule enforcement
description: This overview topic describes the process to follow when you're planning to deploy AppLocker rules.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Determine the Group Policy structure and rule enforcement

6
windows/security/threat-protection/windows-defender-application-control/applocker/determine-which-applications-are-digitally-signed-on-a-reference-computer.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/determine-which-applications-are-digitally-signed-on-a-reference-computer.md
View File

@ -1,15 +1,9 @@
---
title: Find digitally signed apps on a reference device
description: This topic for the IT professional describes how to use AppLocker logs and tools to determine which applications are digitally signed.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Determine which apps are digitally signed on a reference device

6
windows/security/threat-protection/windows-defender-application-control/applocker/determine-your-application-control-objectives.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/determine-your-application-control-objectives.md
View File

@ -1,15 +1,9 @@
---
title: Determine your application control objectives
description: Determine which applications to control and how to control them by comparing Software Restriction Policies (SRP) and AppLocker.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Determine your application control objectives

6
windows/security/threat-protection/windows-defender-application-control/applocker/display-a-custom-url-message-when-users-try-to-run-a-blocked-application.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/display-a-custom-url-message-when-users-try-to-run-a-blocked-application.md
View File

@ -1,15 +1,9 @@
---
title: Display a custom URL message when users try to run a blocked app
description: This topic for IT professionals describes the steps for displaying a customized message to users when an AppLocker policy denies access to an app.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Display a custom URL message when users try to run a blocked app

6
windows/security/threat-protection/windows-defender-application-control/applocker/dll-rules-in-applocker.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/dll-rules-in-applocker.md
View File

@ -1,15 +1,9 @@
---
title: DLL rules in AppLocker
description: This topic describes the file formats and available default rules for the DLL rule collection.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# DLL rules in AppLocker

6
windows/security/threat-protection/windows-defender-application-control/applocker/document-group-policy-structure-and-applocker-rule-enforcement.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/document-group-policy-structure-and-applocker-rule-enforcement.md
View File

@ -1,15 +1,9 @@
---
title: Document Group Policy structure & AppLocker rule enforcement
description: This planning topic describes what you need to investigate, determine, and record in your application control policies plan when you use AppLocker.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Document the Group Policy structure and AppLocker rule enforcement

6
windows/security/threat-protection/windows-defender-application-control/applocker/document-your-application-list.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/document-your-application-list.md
View File

@ -1,15 +1,9 @@
---
title: Document your app list
description: This planning topic describes the app information that you should document when you create a list of apps for AppLocker policies.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Document your app list

6
windows/security/threat-protection/windows-defender-application-control/applocker/document-your-applocker-rules.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/document-your-applocker-rules.md
View File

@ -1,15 +1,9 @@
---
title: Document your AppLocker rules
description: Learn how to document your AppLocker rules and associate rule conditions with files, permissions, rule source, and implementation.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Document your AppLocker rules

6
windows/security/threat-protection/windows-defender-application-control/applocker/edit-an-applocker-policy.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/edit-an-applocker-policy.md
View File

@ -1,15 +1,9 @@
---
title: Edit an AppLocker policy
description: This topic for IT professionals describes the steps required to modify an AppLocker policy.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Edit an AppLocker policy

6
windows/security/threat-protection/windows-defender-application-control/applocker/edit-applocker-rules.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/edit-applocker-rules.md
View File

@ -1,15 +1,9 @@
---
title: Edit AppLocker rules
description: This topic for IT professionals describes the steps to edit a publisher rule, path rule, and file hash rule in AppLocker.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Edit AppLocker rules

6
windows/security/threat-protection/windows-defender-application-control/applocker/enable-the-dll-rule-collection.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/enable-the-dll-rule-collection.md
View File

@ -1,15 +1,9 @@
---
title: Enable the DLL rule collection
description: This topic for IT professionals describes the steps to enable the DLL rule collection feature for AppLocker.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Enable the DLL rule collection

6
windows/security/threat-protection/windows-defender-application-control/applocker/enforce-applocker-rules.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/enforce-applocker-rules.md
View File

@ -1,15 +1,9 @@
---
title: Enforce AppLocker rules
description: This topic for IT professionals describes how to enforce application control rules by using AppLocker.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Enforce AppLocker rules

6
windows/security/threat-protection/windows-defender-application-control/applocker/executable-rules-in-applocker.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/executable-rules-in-applocker.md
View File

@ -1,15 +1,9 @@
---
title: Executable rules in AppLocker
description: This topic describes the file formats and available default rules for the executable rule collection.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Executable rules in AppLocker

6
windows/security/threat-protection/windows-defender-application-control/applocker/export-an-applocker-policy-from-a-gpo.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/export-an-applocker-policy-from-a-gpo.md
View File

@ -1,15 +1,9 @@
---
title: Export an AppLocker policy from a GPO
description: This topic for IT professionals describes the steps to export an AppLocker policy from a Group Policy Object (GPO) so that it can be modified.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Export an AppLocker policy from a GPO

6
windows/security/threat-protection/windows-defender-application-control/applocker/export-an-applocker-policy-to-an-xml-file.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/export-an-applocker-policy-to-an-xml-file.md
View File

@ -1,15 +1,9 @@
---
title: Export an AppLocker policy to an XML file
description: This topic for IT professionals describes the steps to export an AppLocker policy to an XML file for review or testing.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Export an AppLocker policy to an XML file

6
windows/security/threat-protection/windows-defender-application-control/applocker/how-applocker-works-techref.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/how-applocker-works-techref.md
View File

@ -1,15 +1,9 @@
---
title: How AppLocker works
description: This topic for the IT professional provides links to topics about AppLocker architecture and components, processes and interactions, rules and policies.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# How AppLocker works

0
windows/security/threat-protection/windows-defender-application-control/applocker/images/applocker-plan-inheritance.gif → windows/security/application-security/application-control/windows-defender-application-control/applocker/images/applocker-plan-inheritance.gif
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 22 KiB

After

Width:  |  Height:  |  Size: 22 KiB

0
windows/security/threat-protection/windows-defender-application-control/applocker/images/applocker-plandeploy-quickreference.gif → windows/security/application-security/application-control/windows-defender-application-control/applocker/images/applocker-plandeploy-quickreference.gif
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 35 KiB

After

Width:  |  Height:  |  Size: 35 KiB

0
windows/security/threat-protection/windows-defender-application-control/applocker/images/blockedappmsg.gif → windows/security/application-security/application-control/windows-defender-application-control/applocker/images/blockedappmsg.gif
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 16 KiB

After

Width:  |  Height:  |  Size: 16 KiB

6
windows/security/threat-protection/windows-defender-application-control/applocker/import-an-applocker-policy-from-another-computer.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/import-an-applocker-policy-from-another-computer.md
View File

@ -1,14 +1,8 @@
---
title: Import an AppLocker policy from another computer
description: This topic for IT professionals describes how to import an AppLocker policy.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.technology: itpro-security
ms.date: 12/31/2017
---

6
windows/security/threat-protection/windows-defender-application-control/applocker/import-an-applocker-policy-into-a-gpo.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/import-an-applocker-policy-into-a-gpo.md
View File

@ -1,15 +1,9 @@
---
title: Import an AppLocker policy into a GPO
description: This topic for IT professionals describes the steps to import an AppLocker policy into a Group Policy Object (GPO).
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Import an AppLocker policy into a GPO

6
windows/security/threat-protection/windows-defender-application-control/applocker/maintain-applocker-policies.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/maintain-applocker-policies.md
View File

@ -1,14 +1,8 @@
---
title: Maintain AppLocker policies
description: Learn how to maintain rules within AppLocker policies. View common AppLocker maintenance scenarios and see the methods to use to maintain AppLocker policies.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.technology: itpro-security
ms.date: 12/31/2017
---

8
windows/security/threat-protection/windows-defender-application-control/applocker/manage-packaged-apps-with-applocker.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/manage-packaged-apps-with-applocker.md
View File

@ -1,15 +1,9 @@
---
title: Manage packaged apps with AppLocker
description: Learn concepts and lists procedures to help you manage packaged apps with AppLocker as part of your overall application control strategy.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Manage packaged apps with AppLocker
@ -70,7 +64,7 @@ Just as there are differences in managing each rule collection, you need to mana
1. Gather information about which Packaged apps are running in your environment. For information about how to gather this information, see [Create list of apps deployed to each business group](create-list-of-applications-deployed-to-each-business-group.md).
2. Create AppLocker rules for specific packaged apps based on your policy strategies. For more information, see [Create a rule for packaged apps](create-a-rule-for-packaged-apps.md) and [Understanding AppLocker default rules](./understanding-applocker-default-rules.md).
2. Create AppLocker rules for specific packaged apps based on your policy strategies. For more information, see [Create a rule for packaged apps](create-a-rule-for-packaged-apps.md) and [Understanding AppLocker default rules](understanding-applocker-default-rules.md).
3. Continue to update the AppLocker policies as new package apps are introduced into your environment. To do this update, see [Add rules for packaged apps to existing AppLocker rule-set](add-rules-for-packaged-apps-to-existing-applocker-rule-set.md).

6
windows/security/threat-protection/windows-defender-application-control/applocker/merge-applocker-policies-by-using-set-applockerpolicy.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/merge-applocker-policies-by-using-set-applockerpolicy.md
View File

@ -1,15 +1,9 @@
---
title: Merge AppLocker policies by using Set-ApplockerPolicy
description: This topic for IT professionals describes the steps to merge AppLocker policies by using Windows PowerShell.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Merge AppLocker policies by using Set-ApplockerPolicy

6
windows/security/threat-protection/windows-defender-application-control/applocker/merge-applocker-policies-manually.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/merge-applocker-policies-manually.md
View File

@ -1,15 +1,9 @@
---
title: Merge AppLocker policies manually
description: This topic for IT professionals describes the steps to manually merge AppLocker policies to update the Group Policy Object (GPO).
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Merge AppLocker policies manually

6
windows/security/threat-protection/windows-defender-application-control/applocker/monitor-application-usage-with-applocker.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/monitor-application-usage-with-applocker.md
View File

@ -1,15 +1,9 @@
---
title: Monitor app usage with AppLocker
description: This topic for IT professionals describes how to monitor app usage when AppLocker policies are applied.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Monitor app usage with AppLocker

6
windows/security/threat-protection/windows-defender-application-control/applocker/optimize-applocker-performance.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/optimize-applocker-performance.md
View File

@ -1,15 +1,9 @@
---
title: Optimize AppLocker performance
description: This topic for IT professionals describes how to optimize AppLocker policy enforcement.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Optimize AppLocker performance

6
windows/security/threat-protection/windows-defender-application-control/applocker/packaged-apps-and-packaged-app-installer-rules-in-applocker.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/packaged-apps-and-packaged-app-installer-rules-in-applocker.md
View File

@ -1,15 +1,9 @@
---
title: Packaged apps and packaged app installer rules in AppLocker
description: This topic explains the AppLocker rule collection for packaged app installers and packaged apps.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 10/13/2017
ms.technology: itpro-security
---
# Packaged apps and packaged app installer rules in AppLocker

6
windows/security/threat-protection/windows-defender-application-control/applocker/plan-for-applocker-policy-management.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/plan-for-applocker-policy-management.md
View File

@ -1,15 +1,9 @@
---
title: Plan for AppLocker policy management
description: This topic describes the decisions you need to make to establish the processes for managing and maintaining AppLocker policies.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Plan for AppLocker policy management

6
windows/security/threat-protection/windows-defender-application-control/applocker/refresh-an-applocker-policy.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/refresh-an-applocker-policy.md
View File

@ -1,15 +1,9 @@
---
title: Refresh an AppLocker policy
description: This topic for IT professionals describes the steps to force an update for an AppLocker policy.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Refresh an AppLocker policy

6
windows/security/threat-protection/windows-defender-application-control/applocker/requirements-for-deploying-applocker-policies.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/requirements-for-deploying-applocker-policies.md
View File

@ -1,15 +1,9 @@
---
title: Requirements for deploying AppLocker policies
description: This deployment topic for the IT professional lists the requirements that you need to consider before you deploy AppLocker policies.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Requirements for deploying AppLocker policies

6
windows/security/threat-protection/windows-defender-application-control/applocker/requirements-to-use-applocker.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/requirements-to-use-applocker.md
View File

@ -1,15 +1,9 @@
---
title: Requirements to use AppLocker
description: This topic for the IT professional lists software requirements to use AppLocker on the supported Windows operating systems.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Requirements to use AppLocker

6
windows/security/threat-protection/windows-defender-application-control/applocker/run-the-automatically-generate-rules-wizard.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/run-the-automatically-generate-rules-wizard.md
View File

@ -1,15 +1,9 @@
---
title: Run the Automatically Generate Rules wizard
description: This topic for IT professionals describes steps to run the wizard to create AppLocker rules on a reference device.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Run the Automatically Generate Rules wizard

6
windows/security/threat-protection/windows-defender-application-control/applocker/script-rules-in-applocker.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/script-rules-in-applocker.md
View File

@ -1,15 +1,9 @@
---
title: Script rules in AppLocker
description: This article describes the file formats and available default rules for the script rule collection.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 06/15/2022
ms.technology: itpro-security
---
# Script rules in AppLocker

6
windows/security/threat-protection/windows-defender-application-control/applocker/security-considerations-for-applocker.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/security-considerations-for-applocker.md
View File

@ -1,15 +1,9 @@
---
title: Security considerations for AppLocker
description: This topic for the IT professional describes the security considerations you need to address when implementing AppLocker.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Security considerations for AppLocker

6
windows/security/threat-protection/windows-defender-application-control/applocker/select-types-of-rules-to-create.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/select-types-of-rules-to-create.md
View File

@ -1,15 +1,9 @@
---
title: Select the types of rules to create
description: This topic lists resources you can use when selecting your application control policy rules by using AppLocker.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Select the types of rules to create

6
windows/security/threat-protection/windows-defender-application-control/applocker/test-an-applocker-policy-by-using-test-applockerpolicy.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/test-an-applocker-policy-by-using-test-applockerpolicy.md
View File

@ -1,15 +1,9 @@
---
title: Test an AppLocker policy by using Test-AppLockerPolicy
description: This topic for IT professionals describes the steps to test an AppLocker policy prior to importing it into a Group Policy Object (GPO) or another computer.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Test an AppLocker policy by using Test-AppLockerPolicy

6
windows/security/threat-protection/windows-defender-application-control/applocker/test-and-update-an-applocker-policy.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/test-and-update-an-applocker-policy.md
View File

@ -1,15 +1,9 @@
---
title: Test and update an AppLocker policy
description: This topic discusses the steps required to test an AppLocker policy prior to deployment.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Test and update an AppLocker policy

6
windows/security/threat-protection/windows-defender-application-control/applocker/tools-to-use-with-applocker.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/tools-to-use-with-applocker.md
View File

@ -1,15 +1,9 @@
---
title: Tools to use with AppLocker
description: This topic for the IT professional describes the tools available to create and administer AppLocker policies.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Tools to use with AppLocker

6
windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-enforcement-settings.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/understand-applocker-enforcement-settings.md
View File

@ -1,15 +1,9 @@
---
title: Understand AppLocker enforcement settings
description: This topic describes the AppLocker enforcement settings for rule collections.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Understand AppLocker enforcement settings

6
windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-policy-design-decisions.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/understand-applocker-policy-design-decisions.md
View File

@ -1,15 +1,9 @@
---
title: Understand AppLocker policy design decisions
description: Review some common considerations while you're planning to use AppLocker to deploy application control policies within a Windows environment.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 10/13/2017
ms.technology: itpro-security
---
# Understand AppLocker policy design decisions

6
windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-rules-and-enforcement-setting-inheritance-in-group-policy.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/understand-applocker-rules-and-enforcement-setting-inheritance-in-group-policy.md
View File

@ -1,15 +1,9 @@
---
title: Understand AppLocker rules and enforcement setting inheritance in Group Policy
description: This topic for the IT professional describes how application control policies configured in AppLocker are applied through Group Policy.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Understand AppLocker rules and enforcement setting inheritance in Group Policy

6
windows/security/threat-protection/windows-defender-application-control/applocker/understand-the-applocker-policy-deployment-process.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/understand-the-applocker-policy-deployment-process.md
View File

@ -1,15 +1,9 @@
---
title: Understand the AppLocker policy deployment process
description: This planning and deployment topic for the IT professional describes the process for using AppLocker when deploying application control policies.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Understand the AppLocker policy deployment process

6
windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-allow-and-deny-actions-on-rules.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-allow-and-deny-actions-on-rules.md
View File

@ -1,15 +1,9 @@
---
title: Understanding AppLocker allow and deny actions on rules
description: This topic explains the differences between allow and deny actions on AppLocker rules.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Understanding AppLocker allow and deny actions on rules

6
windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-default-rules.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-default-rules.md
View File

@ -1,15 +1,9 @@
---
title: Understanding AppLocker default rules
description: This topic for IT professional describes the set of rules that can be used to ensure that required Windows system files are allowed to run when the policy is applied.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Understanding AppLocker default rules

6
windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-behavior.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-rule-behavior.md
View File

@ -1,15 +1,9 @@
---
title: Understanding AppLocker rule behavior
description: This topic describes how AppLocker rules are enforced by using the allow and deny options in AppLocker.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Understanding AppLocker rule behavior

6
windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-collections.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-rule-collections.md
View File

@ -1,15 +1,9 @@
---
title: Understanding AppLocker rule collections
description: This topic explains the five different types of AppLocker rules used to enforce AppLocker policies.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Understanding AppLocker rule collections

6
windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-condition-types.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-rule-condition-types.md
View File

@ -1,15 +1,9 @@
---
title: Understanding AppLocker rule condition types
description: This topic for the IT professional describes the three types of AppLocker rule conditions.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Understanding AppLocker rule condition types

6
windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-exceptions.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-rule-exceptions.md
View File

@ -1,15 +1,9 @@
---
title: Understanding AppLocker rule exceptions
description: This topic describes the result of applying AppLocker rule exceptions to rule collections.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Understanding AppLocker rule exceptions

6
windows/security/threat-protection/windows-defender-application-control/applocker/understanding-the-file-hash-rule-condition-in-applocker.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-the-file-hash-rule-condition-in-applocker.md
View File

@ -1,15 +1,9 @@
---
title: Understanding the file hash rule condition in AppLocker
description: This topic explains the AppLocker file hash rule condition, the advantages and disadvantages, and how it's applied.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Understanding the file hash rule condition in AppLocker

6
windows/security/threat-protection/windows-defender-application-control/applocker/understanding-the-path-rule-condition-in-applocker.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-the-path-rule-condition-in-applocker.md
View File

@ -1,15 +1,9 @@
---
title: Understanding the path rule condition in AppLocker
description: This topic explains the AppLocker path rule condition, the advantages and disadvantages, and how it's applied.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Understanding the path rule condition in AppLocker

6
windows/security/threat-protection/windows-defender-application-control/applocker/understanding-the-publisher-rule-condition-in-applocker.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-the-publisher-rule-condition-in-applocker.md
View File

@ -1,15 +1,9 @@
---
title: Understanding the publisher rule condition in AppLocker
description: This topic explains the AppLocker publisher rule condition, what controls are available, and how it's applied.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Understanding the publisher rule condition in AppLocker

6
windows/security/threat-protection/windows-defender-application-control/applocker/use-a-reference-computer-to-create-and-maintain-applocker-policies.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/use-a-reference-computer-to-create-and-maintain-applocker-policies.md
View File

@ -1,15 +1,9 @@
---
title: Use a reference device to create and maintain AppLocker policies
description: This topic for the IT professional describes the steps to create and maintain AppLocker policies by using a reference computer.
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.reviewer:
ms.technology: itpro-security
---
# Use a reference device to create and maintain AppLocker policies

6
windows/security/threat-protection/windows-defender-application-control/applocker/use-applocker-and-software-restriction-policies-in-the-same-domain.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/use-applocker-and-software-restriction-policies-in-the-same-domain.md
View File

@ -1,15 +1,9 @@
---
title: Use AppLocker and Software Restriction Policies in the same domain
description: This article for IT professionals describes concepts and procedures to help you manage your application control strategy using Software Restriction Policies and AppLocker.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 11/07/2022
ms.technology: itpro-security
---
# Use AppLocker and Software Restriction Policies in the same domain

6
windows/security/threat-protection/windows-defender-application-control/applocker/use-the-applocker-windows-powershell-cmdlets.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/use-the-applocker-windows-powershell-cmdlets.md
View File

@ -1,15 +1,9 @@
---
title: Use the AppLocker Windows PowerShell cmdlets
description: This topic for IT professionals describes how each AppLocker Windows PowerShell cmdlet can help you administer your AppLocker application control policies.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Use the AppLocker Windows PowerShell cmdlets

6
windows/security/threat-protection/windows-defender-application-control/applocker/using-event-viewer-with-applocker.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/using-event-viewer-with-applocker.md
View File

@ -1,14 +1,8 @@
---
title: Using Event Viewer with AppLocker
description: This article lists AppLocker events and describes how to use Event Viewer with AppLocker.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.technology: itpro-security
ms.date: 02/02/2023
---

6
windows/security/threat-protection/windows-defender-application-control/applocker/using-software-restriction-policies-and-applocker-policies.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/using-software-restriction-policies-and-applocker-policies.md
View File

@ -1,15 +1,9 @@
---
title: Use Software Restriction Policies and AppLocker policies
description: This topic for the IT professional describes how to use Software Restriction Policies (SRP) and AppLocker policies in the same Windows deployment.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Use Software Restriction Policies and AppLocker policies

6
windows/security/threat-protection/windows-defender-application-control/applocker/what-is-applocker.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/what-is-applocker.md
View File

@ -1,15 +1,9 @@
---
title: What Is AppLocker
description: This topic for the IT professional describes what AppLocker is and how its features differ from Software Restriction Policies.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# What Is AppLocker?

6
windows/security/threat-protection/windows-defender-application-control/applocker/windows-installer-rules-in-applocker.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/windows-installer-rules-in-applocker.md
View File

@ -1,15 +1,9 @@
---
title: Windows Installer rules in AppLocker
description: This topic describes the file formats and available default rules for the Windows Installer rule collection.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Windows Installer rules in AppLocker

6
windows/security/threat-protection/windows-defender-application-control/applocker/working-with-applocker-policies.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/working-with-applocker-policies.md
View File

@ -1,15 +1,9 @@
---
title: Working with AppLocker policies
description: This topic for IT professionals provides links to procedural topics about creating, maintaining, and testing AppLocker policies.
ms.reviewer:
ms.author: vinpa
ms.prod: windows-client
ms.localizationpriority: medium
author: vinaypamnani-msft
manager: aaroncz
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: itpro-security
---
# Working with AppLocker policies

6
windows/security/threat-protection/windows-defender-application-control/applocker/working-with-applocker-rules.md → windows/security/application-security/application-control/windows-defender-application-control/applocker/working-with-applocker-rules.md
View File

@ -1,15 +1,9 @@
---
title: Working with AppLocker rules
description: This topic for IT professionals describes AppLocker rule types and how to work with them for your application control policies.
ms.reviewer:
manager: aaroncz
ms.author: vinpa
ms.prod: windows-client
author: vinaypamnani-msft
ms.localizationpriority: medium
msauthor: v-anbic
ms.date: 08/27/2018
ms.technology: itpro-security
ms.topic: conceptual
---

24
windows/security/threat-protection/windows-defender-application-control/LOB-win32-apps-on-s.md → windows/security/application-security/application-control/windows-defender-application-control/deployment/LOB-win32-apps-on-s.md
View File

@ -1,25 +1,15 @@
---
title: Allow LOB Win32 apps on Intune-managed S Mode devices
description: Using Windows Defender Application Control (WDAC) supplemental policies, you can expand the S Mode base policy on your Intune-managed devices.
ms.prod: windows-client
ms.localizationpriority: medium
author: jsuther1974
ms.reviewer: jogeurte
ms.author: vinpa
manager: aaroncz
ms.date: 04/05/2023
ms.technology: itpro-security
ms.topic: how-to
---
# Allow line-of-business Win32 apps on Intune-managed S Mode devices
**Applies to:**
- Windows 10
> [!NOTE]
> Some capabilities of Windows Defender Application Control (WDAC) are only available on specific Windows versions. For more information, see [Windows Defender Application Control feature availability](feature-availability.md).
> Some capabilities of Windows Defender Application Control (WDAC) are only available on specific Windows versions. For more information, see [Windows Defender Application Control feature availability](../feature-availability.md).
You can use Microsoft Intune to deploy and run critical Win32 applications, and Windows components that are normally blocked in S mode, on your Intune-managed Windows 10 in S mode devices. For example, PowerShell.exe.
@ -31,7 +21,7 @@ For an overview and brief demo of this feature, see this video:
## Policy authorization process
![Basic diagram of the policy authorization flow.](images/wdac-intune-policy-authorization.png)
![Basic diagram of the policy authorization flow.](../images/wdac-intune-policy-authorization.png)
The general steps for expanding the S mode base policy on your Intune-managed Windows 10 in S mode devices are to generate a supplemental policy, sign that policy, upload the signed policy to Intune, and assign it to user or device groups. Because you need access to PowerShell cmdlets to generate your supplemental policy, you should create and manage your policies on a non-S mode device. Once the policy has been uploaded to Intune, before deploying the policy more broadly, assign it to a single test Windows 10 in S mode device to verify expected functioning.
@ -39,7 +29,7 @@ The general steps for expanding the S mode base policy on your Intune-managed Wi
This policy expands the S mode base policy to authorize more applications. Anything authorized by either the S mode base policy or your supplemental policy is allowed to run. Your supplemental policies can specify filepath rules, trusted publishers, and more.
For more information on creating supplemental policies, see [Deploy multiple WDAC policies](deploy-multiple-windows-defender-application-control-policies.md). For more information on the right type of rules to create for your policy, see [Deploy WDAC policy rules and file rules](select-types-of-rules-to-create.md).
For more information on creating supplemental policies, see [Deploy multiple WDAC policies](../design/deploy-multiple-wdac-policies.md). For more information on the right type of rules to create for your policy, see [Deploy WDAC policy rules and file rules](../design/select-types-of-rules-to-create.md).
The following instructions are a basic set for creating an S mode supplemental policy:
@ -81,7 +71,7 @@ The general steps for expanding the S mode base policy on your Intune-managed Wi
2. Sign the policy.
Supplemental S mode policies must be digitally signed. To sign your policy, use your organization's custom Public Key Infrastructure (PKI). For more information on signing using an internal CA, see [Create a code signing cert for WDAC](create-code-signing-cert-for-windows-defender-application-control.md).
Supplemental S mode policies must be digitally signed. To sign your policy, use your organization's custom Public Key Infrastructure (PKI). For more information on signing using an internal CA, see [Create a code signing cert for WDAC](create-code-signing-cert-for-wdac.md).
> [!TIP]
> For more information, see [Azure Code Signing, democratizing trust for developers and consumers](https://techcommunity.microsoft.com/t5/security-compliance-and-identity/azure-code-signing-democratizing-trust-for-developers-and/ba-p/3604669).
@ -97,19 +87,19 @@ The general steps for expanding the S mode base policy on your Intune-managed Wi
## Standard process for deploying apps through Intune
![Basic diagram for deploying apps through Intune.](images/wdac-intune-app-deployment.png)
![Basic diagram for deploying apps through Intune.](../images/wdac-intune-app-deployment.png)
For more information on the existing procedure of packaging signed catalogs and app deployment, see [Win32 app management in Microsoft Intune](/mem/intune/apps/apps-win32-app-management).
## Optional: Process for deploying apps using catalogs
![Basic diagram for deploying Apps using catalogs.](images/wdac-intune-app-catalogs.png)
![Basic diagram for deploying Apps using catalogs.](../images/wdac-intune-app-catalogs.png)
Your supplemental policy can be used to significantly relax the S mode base policy, but there are security trade-offs you must consider in doing so. For example, you can use a signer rule to trust an external signer, but that authorizes all apps signed by that certificate, which may include apps you don't want to allow as well.
Instead of authorizing signers external to your organization, Intune has functionality to make it easier to authorize existing applications by using signed catalogs. This feature doesn't require repackaging or access to the source code. It works for apps that may be unsigned or even signed apps when you don't want to trust all apps that may share the same signing certificate.
The basic process is to generate a catalog file for each app using Package Inspector, then sign the catalog files using a custom PKI. To authorize the catalog signing certificate in the supplemental policy, use the **Add-SignerRule** PowerShell cmdlet as shown earlier in step 1 of the [Policy authorization process](#policy-authorization-process). After that, use the [Standard process for deploying apps through Intune](#standard-process-for-deploying-apps-through-intune) outlined earlier. For more information on generating catalogs, see [Deploy catalog files to support WDAC](deploy-catalog-files-to-support-windows-defender-application-control.md).
The basic process is to generate a catalog file for each app using Package Inspector, then sign the catalog files using a custom PKI. To authorize the catalog signing certificate in the supplemental policy, use the **Add-SignerRule** PowerShell cmdlet as shown earlier in step 1 of the [Policy authorization process](#policy-authorization-process). After that, use the [Standard process for deploying apps through Intune](#standard-process-for-deploying-apps-through-intune) outlined earlier. For more information on generating catalogs, see [Deploy catalog files to support WDAC](deploy-catalog-files-to-support-wdac.md).
> [!NOTE]
> Every time an app updates, you need to deploy an updated catalog. Try to avoid using catalog files for applications that auto-update, and direct users not to update applications on their own.

38
windows/security/threat-protection/windows-defender-application-control/audit-windows-defender-application-control-policies.md → windows/security/application-security/application-control/windows-defender-application-control/deployment/audit-wdac-policies.md
View File

@ -1,33 +1,15 @@
---
title: Use audit events to create WDAC policy rules
title: Use audit events to create WDAC policy rules
description: Audits allow admins to discover apps, binaries, and scripts that should be added to the WDAC policy.
keywords: security, malware
ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb
ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
audience: ITPro
author: jsuther1974
ms.reviewer: jogeurte
ms.author: vinpa
manager: aaroncz
ms.date: 05/03/2018
ms.technology: itpro-security
ms.topic: article
---
# Use audit events to create WDAC policy rules
**Applies to:**
- Windows 10
- Windows 11
- Windows Server 2016 and above
>[!NOTE]
>Some capabilities of Windows Defender Application Control (WDAC) are only available on specific Windows versions. Learn more about the [Application Control feature availability](feature-availability.md).
>Some capabilities of Windows Defender Application Control (WDAC) are only available on specific Windows versions. Learn more about the [Application Control feature availability](../feature-availability.md).
Running Application Control in audit mode lets you discover applications, binaries, and scripts that are missing from your WDAC policy but should be included.
@ -36,18 +18,18 @@ While a WDAC policy is running in audit mode, any binary that runs but would hav
## Overview of the process to create WDAC policy to allow apps using audit events
> [!Note]
> You must have already deployed a WDAC audit mode policy to use this process. If you have not already done so, see [Deploying Windows Defender Application Control policies](windows-defender-application-control-deployment-guide.md).
> You must have already deployed a WDAC audit mode policy to use this process. If you have not already done so, see [Deploying Windows Defender Application Control policies](wdac-deployment-guide.md).
To familiarize yourself with creating WDAC rules from audit events, follow these steps on a device with a WDAC audit mode policy.
1. Install and run an application not allowed by the WDAC policy but that you want to allow.
2. Review the **CodeIntegrity - Operational** and **AppLocker - MSI and Script** event logs to confirm events, like those shown in Figure 1, are generated related to the application. For information about the types of events you should see, refer to [Understanding Application Control events](event-id-explanations.md).
2. Review the **CodeIntegrity - Operational** and **AppLocker - MSI and Script** event logs to confirm events, like those shown in Figure 1, are generated related to the application. For information about the types of events you should see, refer to [Understanding Application Control events](../operations/event-id-explanations.md).
**Figure 1. Exceptions to the deployed WDAC policy**
![Event showing exception to WDAC policy.](images/dg-fig23-exceptionstocode.png)
![Event showing exception to WDAC policy.](../images/dg-fig23-exceptionstocode.png)
3. In an elevated PowerShell session, run the following commands to initialize variables used by this procedure. This procedure builds upon the **Lamna_FullyManagedClients_Audit.xml** policy introduced in [Create a WDAC policy for fully managed devices](create-wdac-policy-for-fully-managed-devices.md) and will produce a new policy called **EventsPolicy.xml**.
3. In an elevated PowerShell session, run the following commands to initialize variables used by this procedure. This procedure builds upon the **Lamna_FullyManagedClients_Audit.xml** policy introduced in [Create a WDAC policy for fully managed devices](../design/create-wdac-policy-for-fully-managed-devices.md) and will produce a new policy called **EventsPolicy.xml**.
```powershell
$PolicyName= "Lamna_FullyManagedClients_Audit"
@ -59,13 +41,13 @@ To familiarize yourself with creating WDAC rules from audit events, follow these
4. Use [New-CIPolicy](/powershell/module/configci/new-cipolicy) to generate a new WDAC policy from logged audit events. This example uses a **FilePublisher** file rule level and a **Hash** fallback level. Warning messages are redirected to a text file **EventsPolicyWarnings.txt**.
```powershell
New-CIPolicy -FilePath $EventsPolicy -Audit -Level FilePublisher -Fallback SignedVersion,FilePublisher,Hash UserPEs -MultiplePolicyFormat 3> $EventsPolicyWarnings
New-CIPolicy -FilePath $EventsPolicy -Audit -Level FilePublisher -Fallback SignedVersion,FilePublisher,Hash -UserPEs -MultiplePolicyFormat 3> $EventsPolicyWarnings
```
> [!NOTE]
> When you create policies from audit events, you should carefully consider the file rule level that you select to trust. The preceding example uses the **FilePublisher** rule level with a fallback level of **Hash**, which may be more specific than desired. You can re-run the above command using different **-Level** and **-Fallback** options to meet your needs. For more information about WDAC rule levels, see [Understand WDAC policy rules and file rules](select-types-of-rules-to-create.md).
> When you create policies from audit events, you should carefully consider the file rule level that you select to trust. The preceding example uses the **FilePublisher** rule level with a fallback level of **Hash**, which may be more specific than desired. You can re-run the above command using different **-Level** and **-Fallback** options to meet your needs. For more information about WDAC rule levels, see [Understand WDAC policy rules and file rules](../design/select-types-of-rules-to-create.md).
5. Find and review the WDAC policy file **EventsPolicy.xml** that should be found on your desktop. Ensure that it only includes file and signer rules for applications, binaries, and scripts you wish to allow. You can remove rules by manually editing the policy XML or use the WDAC Policy Wizard tool (see [Editing existing base and supplemental WDAC policies with the Wizard](wdac-wizard-editing-policy.md)).
5. Find and review the WDAC policy file **EventsPolicy.xml** that should be found on your desktop. Ensure that it only includes file and signer rules for applications, binaries, and scripts you wish to allow. You can remove rules by manually editing the policy XML or use the WDAC Policy Wizard tool (see [Editing existing base and supplemental WDAC policies with the Wizard](../design/wdac-wizard-editing-policy.md)).
6. Find and review the text file **EventsPolicyWarnings.txt** that should be found on your desktop. This file will include a warning for any files that WDAC couldn't create a rule for at either the specified rule level or fallback rule level.
@ -74,6 +56,6 @@ To familiarize yourself with creating WDAC rules from audit events, follow these
7. Merge **EventsPolicy.xml** with the Base policy **Lamna_FullyManagedClients_Audit.xml** or convert it to a supplemental policy.
For information on merging policies, refer to [Merge Windows Defender Application Control policies](merge-windows-defender-application-control-policies.md) and for information on supplemental policies see [Use multiple Windows Defender Application Control Policies](deploy-multiple-windows-defender-application-control-policies.md).
For information on merging policies, refer to [Merge Windows Defender Application Control policies](merge-wdac-policies.md) and for information on supplemental policies see [Use multiple Windows Defender Application Control Policies](../design/deploy-multiple-wdac-policies.md).
8. Convert the Base or Supplemental policy to binary and deploy using your preferred method.

32
windows/security/threat-protection/windows-defender-application-control/create-code-signing-cert-for-windows-defender-application-control.md → windows/security/application-security/application-control/windows-defender-application-control/deployment/create-code-signing-cert-for-wdac.md
View File

@ -1,35 +1,17 @@
---
title: Create a code signing cert for Windows Defender Application Control
title: Create a code signing cert for Windows Defender Application Control
description: Learn how to set up a publicly issued code signing certificate, so you can sign catalog files or WDAC policies internally.
keywords: security, malware
ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb
ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
audience: ITPro
ms.topic: conceptual
author: jsuther1974
ms.reviewer: jogeurte
ms.author: vinpa
manager: aaroncz
ms.date: 12/01/2022
ms.technology: itpro-security
---
# Optional: Create a code signing cert for Windows Defender Application Control
**Applies to:**
- Windows 10
- Windows 11
- Windows Server 2016 and above
>[!NOTE]
>Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](feature-availability.md).
>Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](../feature-availability.md).
As you deploy Windows Defender Application Control (WDAC), you might need to sign catalog files or WDAC policies internally. To do this signing, you'll either need a publicly issued code signing certificate or an internal CA. If you've purchased a code-signing certificate, you can skip this article, and instead follow other articles listed in the [Windows Defender Application Control Deployment Guide](windows-defender-application-control-deployment-guide.md).
As you deploy Windows Defender Application Control (WDAC), you might need to sign catalog files or WDAC policies internally. To do this signing, you'll either need a publicly issued code signing certificate or an internal CA. If you've purchased a code-signing certificate, you can skip this article, and instead follow other articles listed in the [Windows Defender Application Control Deployment Guide](wdac-deployment-guide.md).
If you have an internal CA, complete these steps to create a code signing certificate.
@ -45,7 +27,7 @@ If you have an internal CA, complete these steps to create a code signing certif
2. When connected, right-click **Certificate Templates**, and then select **Manage** to open the Certification Templates Console.
![CA snap-in showing Certificate Templates.](images/dg-fig27-managecerttemp.png)
![CA snap-in showing Certificate Templates.](../images/dg-fig27-managecerttemp.png)
Figure 1. Manage the certificate templates
@ -61,7 +43,7 @@ If you have an internal CA, complete these steps to create a code signing certif
8. In the **Edit Basic Constraints Extension** dialog box, select **Enable this extension**, as shown in Figure 2.
![Edit Basic Constraints Extension.](images/dg-fig29-enableconstraints.png)
![Edit Basic Constraints Extension.](../images/dg-fig29-enableconstraints.png)
Figure 2. Select constraints on the new template
@ -77,7 +59,7 @@ When this certificate template has been created, you must publish it to the CA p
1. In the Certification Authority MMC snap-in, right-click **Certification Templates**, point to **New**, and then select **Certificate Template to Issue**, as shown in Figure 3.
![Select Certificate Template to Issue.](images/dg-fig30-selectnewcert.png)
![Select Certificate Template to Issue.](../images/dg-fig30-selectnewcert.png)
Figure 3. Select the new certificate template to issue
@ -95,7 +77,7 @@ Now that the template is available to be issued, you must request one from the c
4. In the **Request Certificate** list, select your newly created code signing certificate, and then select the blue text that requests additional information, as shown in Figure 4.
![Request Certificates: more information required.](images/dg-fig31-getmoreinfo.png)
![Request Certificates: more information required.](../images/dg-fig31-getmoreinfo.png)
Figure 4. Get more information for your code signing certificate

Some files were not shown because too many files have changed in this diff Show More