mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-06-27 16:23:36 +00:00
Merge pull request #5740 from MicrosoftDocs/aljupudi-5358645-feedback-02
Defender App Guard Link text correction-02
This commit is contained in:
Daniel Simpson
GitHub
@ -27,7 +27,7 @@ ms.technology: mde
|
|||||||
- Windows Server 2016 and above
|
- Windows Server 2016 and above
|
||||||
|
|
||||||
> [!NOTE]
|
> [!NOTE]
|
||||||
> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Defender App Guard feature availability](/windows/security/threat-protection/windows-defender-application-control/feature-availability).
|
> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](/windows/security/threat-protection/windows-defender-application-control/feature-availability).
|
||||||
|
|
||||||
This topic for IT professionals describes how to update your existing AppLocker policies for packaged apps using the Remote Server Administration Toolkit (RSAT).
|
This topic for IT professionals describes how to update your existing AppLocker policies for packaged apps using the Remote Server Administration Toolkit (RSAT).
|
||||||
|
|
||||||
|
|||||||
@ -27,7 +27,7 @@ ms.technology: mde
|
|||||||
- Windows Server 2016 and above
|
- Windows Server 2016 and above
|
||||||
|
|
||||||
> [!NOTE]
|
> [!NOTE]
|
||||||
> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Defender App Guard feature availability](/windows/security/threat-protection/windows-defender-application-control/feature-availability).
|
> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](/windows/security/threat-protection/windows-defender-application-control/feature-availability).
|
||||||
|
|
||||||
This topic for IT professionals provides links to specific procedures to use when administering AppLocker policies.
|
This topic for IT professionals provides links to specific procedures to use when administering AppLocker policies.
|
||||||
|
|
||||||
|
|||||||
@ -27,7 +27,7 @@ ms.technology: mde
|
|||||||
- Windows Server 2016 and above
|
- Windows Server 2016 and above
|
||||||
|
|
||||||
> [!NOTE]
|
> [!NOTE]
|
||||||
> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Defender App Guard feature availability](/windows/security/threat-protection/windows-defender-application-control/feature-availability).
|
> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](/windows/security/threat-protection/windows-defender-application-control/feature-availability).
|
||||||
|
|
||||||
This topic for IT professional describes AppLocker’s basic architecture and its major components.
|
This topic for IT professional describes AppLocker’s basic architecture and its major components.
|
||||||
|
|
||||||
|
|||||||
@ -27,7 +27,7 @@ ms.technology: mde
|
|||||||
- Windows Server 2016 and above
|
- Windows Server 2016 and above
|
||||||
|
|
||||||
> [!NOTE]
|
> [!NOTE]
|
||||||
> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Defender App Guard feature availability](/windows/security/threat-protection/windows-defender-application-control/feature-availability).
|
> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](/windows/security/threat-protection/windows-defender-application-control/feature-availability).
|
||||||
|
|
||||||
This article for the IT professional lists the functions and security levels for the Software Restriction Policies (SRP) and AppLocker features.
|
This article for the IT professional lists the functions and security levels for the Software Restriction Policies (SRP) and AppLocker features.
|
||||||
|
|
||||||
|
|||||||
@ -27,7 +27,7 @@ ms.technology: mde
|
|||||||
- Windows Server 2016 and above
|
- Windows Server 2016 and above
|
||||||
|
|
||||||
> [!NOTE]
|
> [!NOTE]
|
||||||
> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Defender App Guard feature availability](/windows/security/threat-protection/windows-defender-application-control/feature-availability).
|
> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](/windows/security/threat-protection/windows-defender-application-control/feature-availability).
|
||||||
|
|
||||||
This topic provides a description of AppLocker and can help you decide if your organization can benefit from deploying AppLocker application control policies. AppLocker helps you control which apps and files users can run. These include executable files, scripts, Windows Installer files, dynamic-link libraries (DLLs), packaged apps, and packaged app installers.
|
This topic provides a description of AppLocker and can help you decide if your organization can benefit from deploying AppLocker application control policies. AppLocker helps you control which apps and files users can run. These include executable files, scripts, Windows Installer files, dynamic-link libraries (DLLs), packaged apps, and packaged app installers.
|
||||||
|
|
||||||
|
|||||||
@ -28,7 +28,7 @@ ms.technology: mde
|
|||||||
- Windows Server 2016 and above
|
- Windows Server 2016 and above
|
||||||
|
|
||||||
> [!NOTE]
|
> [!NOTE]
|
||||||
> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Defender App Guard feature availability](/windows/security/threat-protection/windows-defender-application-control/feature-availability).
|
> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](/windows/security/threat-protection/windows-defender-application-control/feature-availability).
|
||||||
|
|
||||||
This topic for IT professionals introduces the concepts and describes the steps required to deploy AppLocker policies.
|
This topic for IT professionals introduces the concepts and describes the steps required to deploy AppLocker policies.
|
||||||
|
|
||||||
|
|||||||
@ -27,7 +27,7 @@ ms.technology: mde
|
|||||||
- Windows Server 2016 and above
|
- Windows Server 2016 and above
|
||||||
|
|
||||||
> [!NOTE]
|
> [!NOTE]
|
||||||
> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Defender App Guard feature availability](/windows/security/threat-protection/windows-defender-application-control/feature-availability).
|
> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](/windows/security/threat-protection/windows-defender-application-control/feature-availability).
|
||||||
|
|
||||||
This topic for the IT professional introduces the design and planning steps required to deploy application control policies by using AppLocker.
|
This topic for the IT professional introduces the design and planning steps required to deploy application control policies by using AppLocker.
|
||||||
|
|
||||||
|
|||||||
@ -27,7 +27,7 @@ ms.technology: mde
|
|||||||
- Windows Server 2016 and above
|
- Windows Server 2016 and above
|
||||||
|
|
||||||
> [!NOTE]
|
> [!NOTE]
|
||||||
> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Defender App Guard feature availability](/windows/security/threat-protection/windows-defender-application-control/feature-availability).
|
> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](/windows/security/threat-protection/windows-defender-application-control/feature-availability).
|
||||||
|
|
||||||
This topic for the IT professional lists the various application control scenarios in which AppLocker policies can be effectively implemented.
|
This topic for the IT professional lists the various application control scenarios in which AppLocker policies can be effectively implemented.
|
||||||
|
|
||||||
|
|||||||
@ -27,7 +27,7 @@ ms.technology: mde
|
|||||||
- Windows Server 2016 and above
|
- Windows Server 2016 and above
|
||||||
|
|
||||||
> [!NOTE]
|
> [!NOTE]
|
||||||
> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Defender App Guard feature availability](/windows/security/threat-protection/windows-defender-application-control/feature-availability).
|
> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](/windows/security/threat-protection/windows-defender-application-control/feature-availability).
|
||||||
|
|
||||||
This topic for the IT professional describes the process dependencies and interactions when AppLocker evaluates and enforces rules.
|
This topic for the IT professional describes the process dependencies and interactions when AppLocker evaluates and enforces rules.
|
||||||
|
|
||||||
|
|||||||
@ -25,7 +25,7 @@ ms.localizationpriority: medium
|
|||||||
- Windows Server 2016 and above
|
- Windows Server 2016 and above
|
||||||
|
|
||||||
>[!NOTE]
|
>[!NOTE]
|
||||||
>Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Defender App Guard feature availability](/windows/security/threat-protection/windows-defender-application-control/feature-availability).
|
>Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](/windows/security/threat-protection/windows-defender-application-control/feature-availability).
|
||||||
|
|
||||||
You can use Microsoft Endpoint Configuration Manager (MEMCM) to configure Windows Defender Application Control (WDAC) on client machines.
|
You can use Microsoft Endpoint Configuration Manager (MEMCM) to configure Windows Defender Application Control (WDAC) on client machines.
|
||||||
|
|
||||||
|
|||||||
@ -25,7 +25,7 @@ ms.localizationpriority: medium
|
|||||||
- Windows Server 2016 and above
|
- Windows Server 2016 and above
|
||||||
|
|
||||||
>[!NOTE]
|
>[!NOTE]
|
||||||
>Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Defender App Guard feature availability](/windows/security/threat-protection/windows-defender-application-control/feature-availability).
|
>Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](/windows/security/threat-protection/windows-defender-application-control/feature-availability).
|
||||||
|
|
||||||
This topic describes how to deploy Windows Defender Application Control (WDAC) policies using script. The instructions below use PowerShell but can work with any scripting host.
|
This topic describes how to deploy Windows Defender Application Control (WDAC) policies using script. The instructions below use PowerShell but can work with any scripting host.
|
||||||
|
|
||||||
|
|||||||
@ -26,7 +26,7 @@ ms.localizationpriority: medium
|
|||||||
- Windows Server 2016 and above
|
- Windows Server 2016 and above
|
||||||
|
|
||||||
>[!NOTE]
|
>[!NOTE]
|
||||||
>Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Defender App Guard feature availability](/windows/security/threat-protection/windows-defender-application-control/feature-availability).
|
>Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](/windows/security/threat-protection/windows-defender-application-control/feature-availability).
|
||||||
|
|
||||||
This topic covers tips and tricks for admins as well as known issues with WDAC.
|
This topic covers tips and tricks for admins as well as known issues with WDAC.
|
||||||
Test this configuration in your lab before enabling it in production.
|
Test this configuration in your lab before enabling it in production.
|
||||||
|
|||||||
@ -27,7 +27,7 @@ ms.technology: mde
|
|||||||
- Windows Server 2016 and above
|
- Windows Server 2016 and above
|
||||||
|
|
||||||
> [!NOTE]
|
> [!NOTE]
|
||||||
> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Defender App Guard feature availability](feature-availability.md).
|
> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](feature-availability.md).
|
||||||
|
|
||||||
This topic covers guidelines for using code signing control classic Windows apps.
|
This topic covers guidelines for using code signing control classic Windows apps.
|
||||||
|
|
||||||
|
|||||||
@ -27,7 +27,7 @@ ms.technology: mde
|
|||||||
- Windows Server 2016 and above
|
- Windows Server 2016 and above
|
||||||
|
|
||||||
> [!NOTE]
|
> [!NOTE]
|
||||||
> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Defender App Guard feature availability](feature-availability.md).
|
> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](feature-availability.md).
|
||||||
|
|
||||||
You can sign code integrity policies with the Device Guard signing portal to prevent them from being tampered with after they're deployed.
|
You can sign code integrity policies with the Device Guard signing portal to prevent them from being tampered with after they're deployed.
|
||||||
|
|
||||||
|
|||||||
@ -27,7 +27,7 @@ ms.technology: mde
|
|||||||
- Windows Server 2016 and above
|
- Windows Server 2016 and above
|
||||||
|
|
||||||
> [!NOTE]
|
> [!NOTE]
|
||||||
> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Defender App Guard feature availability](feature-availability.md).
|
> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](feature-availability.md).
|
||||||
|
|
||||||
Signed WDAC policies give organizations the highest level of malware protection available in Windows. In addition to their enforced policy rules, signed policies cannot be modified or deleted by a user or administrator on the computer. These policies are designed to prevent administrative tampering and kernel mode exploit access. With this in mind, it is much more difficult to remove signed WDAC policies. Note that SecureBoot must be enabled in order to restrict users from updating or removing signed WDAC policies.
|
Signed WDAC policies give organizations the highest level of malware protection available in Windows. In addition to their enforced policy rules, signed policies cannot be modified or deleted by a user or administrator on the computer. These policies are designed to prevent administrative tampering and kernel mode exploit access. With this in mind, it is much more difficult to remove signed WDAC policies. Note that SecureBoot must be enabled in order to restrict users from updating or removing signed WDAC policies.
|
||||||
|
|
||||||
|
|||||||
@ -27,7 +27,7 @@ ms.technology: mde
|
|||||||
- Windows Server 2016 and above
|
- Windows Server 2016 and above
|
||||||
|
|
||||||
> [!NOTE]
|
> [!NOTE]
|
||||||
> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Defender App Guard feature availability](feature-availability.md).
|
> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](feature-availability.md).
|
||||||
|
|
||||||
As of Windows 10, version 1703, you can use WDAC policies not only to control applications, but also to control whether specific plug-ins, add-ins, and modules can run from specific apps (such as a line-of-business application or a browser):
|
As of Windows 10, version 1703, you can use WDAC policies not only to control applications, but also to control whether specific plug-ins, add-ins, and modules can run from specific apps (such as a line-of-business application or a browser):
|
||||||
|
|
||||||
|
|||||||
@ -27,7 +27,7 @@ ms.technology: mde
|
|||||||
- Windows Server 2016 and above
|
- Windows Server 2016 and above
|
||||||
|
|
||||||
> [!NOTE]
|
> [!NOTE]
|
||||||
> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Defender App Guard feature availability](feature-availability.md).
|
> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](feature-availability.md).
|
||||||
|
|
||||||
Application control can be difficult to implement in organizations that don't deploy and manage applications through an IT-managed system. In such environments, users can acquire the applications they want to use for work, making it hard to build an effective application control policy.
|
Application control can be difficult to implement in organizations that don't deploy and manage applications through an IT-managed system. In such environments, users can acquire the applications they want to use for work, making it hard to build an effective application control policy.
|
||||||
|
|
||||||
|
|||||||
@ -28,7 +28,7 @@ ms.technology: mde
|
|||||||
- Windows Server 2016 and above
|
- Windows Server 2016 and above
|
||||||
|
|
||||||
> [!NOTE]
|
> [!NOTE]
|
||||||
> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Defender App Guard feature availability](feature-availability.md).
|
> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](feature-availability.md).
|
||||||
|
|
||||||
Windows 10 and Windows 11 include two technologies that can be used for application control, depending on your organization's specific scenarios and requirements: Windows Defender Application Control (WDAC) and AppLocker.
|
Windows 10 and Windows 11 include two technologies that can be used for application control, depending on your organization's specific scenarios and requirements: Windows Defender Application Control (WDAC) and AppLocker.
|
||||||
|
|
||||||
|
|||||||
@ -28,7 +28,7 @@ ms.technology: mde
|
|||||||
- Windows Server 2016 and above
|
- Windows Server 2016 and above
|
||||||
|
|
||||||
> [!NOTE]
|
> [!NOTE]
|
||||||
> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Defender App Guard feature availability](feature-availability.md).
|
> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](feature-availability.md).
|
||||||
|
|
||||||
When creating policies for use with Windows Defender Application Control (WDAC), it is recommended to start with a template policy and then add or remove rules to suit your application control scenario. For this reason, the WDAC Wizard offers three template policies to start from and customize during the base policy creation workflow. Prerequisite information about application control can be accessed through the [WDAC design guide](windows-defender-application-control-design-guide.md). This page outlines the steps to create a new application control policy from a template, configure the policy options, and the signer and file rules.
|
When creating policies for use with Windows Defender Application Control (WDAC), it is recommended to start with a template policy and then add or remove rules to suit your application control scenario. For this reason, the WDAC Wizard offers three template policies to start from and customize during the base policy creation workflow. Prerequisite information about application control can be accessed through the [WDAC design guide](windows-defender-application-control-design-guide.md). This page outlines the steps to create a new application control policy from a template, configure the policy options, and the signer and file rules.
|
||||||
|
|
||||||
|
|||||||
@ -28,7 +28,7 @@ ms.technology: mde
|
|||||||
- Windows Server 2016 and above
|
- Windows Server 2016 and above
|
||||||
|
|
||||||
> [!NOTE]
|
> [!NOTE]
|
||||||
> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Defender App Guard feature availability](feature-availability.md).
|
> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](feature-availability.md).
|
||||||
|
|
||||||
Beginning in Windows 10 version 1903, WDAC supports the creation of multiple active policies on a device. One or more supplemental policies allow customers to expand a [WDAC base policy](wdac-wizard-create-base-policy.md) to increase the circle of trust of the policy. A supplemental policy can expand only one base policy, but multiple supplementals can expand the same base policy. When using supplemental policies, applications allowed by the base or its supplemental policy/policies will be allowed to execute.
|
Beginning in Windows 10 version 1903, WDAC supports the creation of multiple active policies on a device. One or more supplemental policies allow customers to expand a [WDAC base policy](wdac-wizard-create-base-policy.md) to increase the circle of trust of the policy. A supplemental policy can expand only one base policy, but multiple supplementals can expand the same base policy. When using supplemental policies, applications allowed by the base or its supplemental policy/policies will be allowed to execute.
|
||||||
|
|
||||||
|
|||||||
@ -28,7 +28,7 @@ ms.technology: mde
|
|||||||
- Windows Server 2016 and above
|
- Windows Server 2016 and above
|
||||||
|
|
||||||
> [!NOTE]
|
> [!NOTE]
|
||||||
> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Defender App Guard feature availability](feature-availability.md).
|
> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](feature-availability.md).
|
||||||
|
|
||||||
The WDAC Wizard makes editing and viewing WDAC policies easier than the PowerShell cmdlets or manually. The Wizard currently supports the following editing capabilities:
|
The WDAC Wizard makes editing and viewing WDAC policies easier than the PowerShell cmdlets or manually. The Wizard currently supports the following editing capabilities:
|
||||||
<ul>
|
<ul>
|
||||||
|
|||||||
@ -28,7 +28,7 @@ ms.technology: mde
|
|||||||
- Windows Server 2016 and above
|
- Windows Server 2016 and above
|
||||||
|
|
||||||
> [!NOTE]
|
> [!NOTE]
|
||||||
> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Defender App Guard feature availability](feature-availability.md).
|
> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](feature-availability.md).
|
||||||
|
|
||||||
The Windows Defender Application Control (WDAC) policy Wizard is an open-source Windows desktop application written in C# and bundled as an MSIX package. The Wizard was built to provide security architects with security, and system administrators with a more user-friendly means to create, edit, and merge WDAC policies. The Wizard desktop application uses the [ConfigCI PowerShell Cmdlets](/powershell/module/configci) in the backend so the output policy of the Wizard and PowerShell cmdlets is identical.
|
The Windows Defender Application Control (WDAC) policy Wizard is an open-source Windows desktop application written in C# and bundled as an MSIX package. The Wizard was built to provide security architects with security, and system administrators with a more user-friendly means to create, edit, and merge WDAC policies. The Wizard desktop application uses the [ConfigCI PowerShell Cmdlets](/powershell/module/configci) in the backend so the output policy of the Wizard and PowerShell cmdlets is identical.
|
||||||
|
|
||||||
|
|||||||
@ -27,7 +27,7 @@ ms.technology: mde
|
|||||||
- Windows Server 2016 and above
|
- Windows Server 2016 and above
|
||||||
|
|
||||||
> [!NOTE]
|
> [!NOTE]
|
||||||
> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Defender App Guard feature availability](feature-availability.md).
|
> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](feature-availability.md).
|
||||||
|
|
||||||
You should now have one or more WDAC policies ready to deploy. If you haven't yet completed the steps described in the [WDAC Design Guide](windows-defender-application-control-design-guide.md), do so now before proceeding.
|
You should now have one or more WDAC policies ready to deploy. If you haven't yet completed the steps described in the [WDAC Design Guide](windows-defender-application-control-design-guide.md), do so now before proceeding.
|
||||||
|
|
||||||
|
|||||||
@ -28,7 +28,7 @@ ms.technology: mde
|
|||||||
- Windows Server 2016 and above
|
- Windows Server 2016 and above
|
||||||
|
|
||||||
> [!NOTE]
|
> [!NOTE]
|
||||||
> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Defender App Guard feature availability](feature-availability.md).
|
> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](feature-availability.md).
|
||||||
|
|
||||||
This guide covers design and planning for Windows Defender Application Control (WDAC). It is intended to help security architects, security administrators, and system administrators create a plan that addresses specific application control requirements for different departments or business groups within an organization.
|
This guide covers design and planning for Windows Defender Application Control (WDAC). It is intended to help security architects, security administrators, and system administrators create a plan that addresses specific application control requirements for different departments or business groups within an organization.
|
||||||
|
|
||||||
|
|||||||
@ -27,7 +27,7 @@ ms.technology: mde
|
|||||||
- Windows Server 2016 and above
|
- Windows Server 2016 and above
|
||||||
|
|
||||||
> [!NOTE]
|
> [!NOTE]
|
||||||
> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Defender App Guard feature availability](feature-availability.md).
|
> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](feature-availability.md).
|
||||||
|
|
||||||
After designing and deploying your Windows Defender Application Control (WDAC) policies, this guide covers understanding the effects your policies are having and troubleshooting when they are not behaving as expected. It contains information on where to find events and what they mean, and also querying these events with Microsoft Defender for Endpoint Advanced Hunting feature.
|
After designing and deploying your Windows Defender Application Control (WDAC) policies, this guide covers understanding the effects your policies are having and troubleshooting when they are not behaving as expected. It contains information on where to find events and what they mean, and also querying these events with Microsoft Defender for Endpoint Advanced Hunting feature.
|
||||||
|
|
||||||
|
|||||||
@ -28,7 +28,7 @@ ms.technology: mde
|
|||||||
- Windows Server 2016 and above
|
- Windows Server 2016 and above
|
||||||
|
|
||||||
> [!NOTE]
|
> [!NOTE]
|
||||||
> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Defender App Guard feature availability](feature-availability.md).
|
> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](feature-availability.md).
|
||||||
|
|
||||||
With thousands of new malicious files created every day, using traditional methods like antivirus solutions—signature-based detection to fight against malware—provides an inadequate defense against new attacks.
|
With thousands of new malicious files created every day, using traditional methods like antivirus solutions—signature-based detection to fight against malware—provides an inadequate defense against new attacks.
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user