mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-06-19 20:33:42 +00:00
consolidated exploit protection topics
This commit is contained in:
@ -34,6 +34,27 @@ You can make sure it doesn't affect your line-of-business apps, and see which su
|
||||
|
||||
## Enable exploit protection in audit mode
|
||||
|
||||
You can set mitigations in audit mode for specific programs either by using the Windows Security app or PowerShell.
|
||||
|
||||
### Windows Security app
|
||||
|
||||
1. Open the Windows Security app by clicking the shield icon in the task bar or searching the start menu for **Defender**.
|
||||
|
||||
2. Click the **App & browser control** tile (or the app icon on the left menu bar) and then click **Exploit protection**.
|
||||
|
||||
3. Go to **Program settings** and choose the app you want to apply mitigations to:
|
||||
|
||||
1. If the app you want to configure is already listed, click it and then click **Edit**
|
||||
2. If the app is not listed, at the top of the list click **Add program to customize** and then choose how you want to add the app:
|
||||
- Use **Add by program name** to have the mitigation applied to any running process with that name. You must specify a file with an extension. You can enter a full path to limit the mitigation to only the app with that name in that location.
|
||||
- Use **Choose exact file path** to use a standard Windows Explorer file picker window to find and select the file you want.
|
||||
|
||||
4. After selecting the app, you'll see a list of all the mitigations that can be applied. Choosing **Audit** will apply the mitigation in audit mode only. You will be notified if you need to restart the process or app, or if you need to restart Windows.
|
||||
|
||||
5. Repeat this for all the apps and mitigations you want to configure. Click **Apply** when you're done setting up your configuration.
|
||||
|
||||
### PowerShell
|
||||
|
||||
To set app-level mitigations to audit mode, use `Set-ProcessMitigation` with the **Audit mode** cmdlet.
|
||||
|
||||
Configure each mitigation in the following format:
|
||||
|
Reference in New Issue
Block a user