From 664657bdd1b77bc96aa2f30187a94a8ac644cd00 Mon Sep 17 00:00:00 2001 From: Justin Hall Date: Thu, 17 May 2018 12:25:33 -0700 Subject: [PATCH] added intro --- .../windows-defender-application-control/TOC.md | 2 +- ...-defender-application-control-policies-using-intune.md | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/TOC.md b/windows/security/threat-protection/windows-defender-application-control/TOC.md index 9607bdf929..4bf7c5ff89 100644 --- a/windows/security/threat-protection/windows-defender-application-control/TOC.md +++ b/windows/security/threat-protection/windows-defender-application-control/TOC.md @@ -11,13 +11,13 @@ ## [Windows Defender Application Control deployment guide](windows-defender-application-control-deployment-guide.md) ### [Types of devices](types-of-devices.md) -### [Use WDAC with a managed installer](use-windows-defender-application-control-with-managed-installer.md) ###Use WDAC with custom policies #### [Create an initial default policy](create-initial-default-policy.md) #### [Microsoft recommended block rules](microsoft-recommended-block-rules.md) ### [Audit WDAC policies](audit-windows-defender-application-control-policies.md) ### [Merge WDAC policies](merge-windows-defender-application-control-policies.md) ### [Enforce WDAC policies](enforce-windows-defender-application-control-policies.md) +### [Deploy WDAC with a managed installer](use-windows-defender-application-control-with-managed-installer.md) ### [Deploy WDAC policies using Group Policy](deploy-windows-defender-application-control-policies-using-group-policy.md) ### [Deploy WDAC policies using Intune](deploy-windows-defender-application-control-policies-using-intune.md) ### [Use code signing to simplify application control for classic Windows applications](use-code-signing-to-simplify-application-control-for-classic-windows-applications.md) diff --git a/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune.md b/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune.md index e5c645d13f..2a46325363 100644 --- a/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune.md +++ b/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune.md @@ -6,8 +6,8 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security -author: jsuther1974 -ms.date: 02/28/2018 +author: justinha +ms.date: 05/17/2018 --- # Deploy Windows Defender Application Control policies by using Microsoft Intune @@ -17,7 +17,7 @@ ms.date: 02/28/2018 - Windows 10 - Windows Server 2016 -You can apply Windows Defender Application Control (WDAC) to Windows 10 client computers using Microsoft Intune. +You can use Microsoft Intune to configure Windows Defender Application Control (WDAC). You can configure Windows 10 client computers to only run Windows components and Microsoft Store apps, or let them also run reputable apps defined by the Intelligent Security Graph. 1. Open the Microsoft Intune portal and click **Device configuration** > **Profiles** > **Creae profile**. @@ -27,5 +27,5 @@ You can apply Windows Defender Application Control (WDAC) to Windows 10 client c 4. Click **Configure** > **Windows Defender Application Control**. for the following settings and then click **OK**: - - **Application control code intergity policies**: Select **Audit only** to log events but not block any apps from running or select **Enforce** to allow only Windows components and Microsoft Store apps to run. + - **Application control code intergity policies**: Select **Audit only** to log events but not block any apps from running or select **Enforce** to allow only Windows components and Store apps to run. - **Trust apps with good reputation**: Select **Enable** to allow reputable apps as defined by the Intelligent Security Graph to run in addition to Windows components and Store apps.