deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-07 18:17:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Incorp tech review

Browse Source
This commit is contained in:
Andrea Bichsel 2018-10-15 14:56:06 -07:00
parent b8d7f63d46
commit 4e1e3b3e89
1 changed files with 3 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
windows/security/threat-protection/windows-defender-exploit-guard/attack-surface-reduction-rules-in-windows-10-enterprise-e3.md
View File

@ -20,17 +20,13 @@ ms.date: 10/15/2018
- Windows 10 Enterprise E3 - Windows 10 Enterprise E3
Attack surface reduction rules help prevent actions and apps that are typically used by exploit-seeking malware to infect machines. Attack surface reduction rules help prevent actions and apps that are typically used by exploit-seeking malware to infect machines. This feature area includes the rules, monitoring, reporting, and analytics necessary for deployment that are included in [Windows Defender Advanced Threat Protection](../windows-defender-atp/windows-defender-advanced-threat-protection.md), and require the Windows 10 Enterprise E5 license.
Attack surface reduction rules work best with [Windows Defender Advanced Threat Protection](../windows-defender-atp/windows-defender-advanced-threat-protection.md), which requires a Windows 10 Enterprise E5 license. Windows Defender ATP provides detailed reporting into events and blocks as part of its [alert investigation scenarios](../windows-defender-atp/investigate-alerts-windows-defender-advanced-threat-protection.md). A limited subset of basic attack surface reduction rules can technically be used with Windows 10 Enterprise E3. They can be used without the benefits of reporting, monitoring, and analytics, which provide the ease of deployment and management capabilities necessary for enterprises.
However, you can use a limited subset of attack surface reduction rules in Windows 10 Enterprise E3 if you are able to either develop your own reporting, monitoring, and analytics or hook into an existing solution in your environment.
Attack surface reduction rules are supported on Windows Server 2019 as well as Windows 10 clients. Attack surface reduction rules are supported on Windows Server 2019 as well as Windows 10 clients.
## Attack surface reduction rules The limited subset of rules that can be used in Windows 10 Enterprise E3 include:
The following attack surface reduction rules are available with a Windows 10 Enterprise E3 license:
- Block executable content from email client and webmail - Block executable content from email client and webmail
- Block all Office applications from creating child processes - Block all Office applications from creating child processes