deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-15 14:57:23 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

revised to emphasize cfa

Browse Source
This commit is contained in:
martyav 2019-07-29 12:16:22 -04:00
parent d4873e5d5a
commit 6b6cda5a95
1 changed files with 3 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
windows/security/threat-protection/windows-defender-exploit-guard/controlled-folders-exploit-guard.md
View File

@ -25,13 +25,11 @@ manager: dansimp
Controlled folder access helps you protect valuable data from malicious apps and threats, such as ransomware. Controlled folder access is supported on Windows Server 2019 as well as Windows 10 clients. Controlled folder access helps you protect valuable data from malicious apps and threats, such as ransomware. Controlled folder access is supported on Windows Server 2019 as well as Windows 10 clients.
Controlled folder access works best with [Microsoft Defender Advanced Threat Protection](../microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md), which gives you detailed reporting into controlled folder access events and blocks as part of the usual [alert investigation scenarios](../microsoft-defender-atp/investigate-alerts.md). Controlled folder access works best with [Microsoft Defender Advanced Threat Protection](../microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md), which gives you detailed reporting into controlled folder access events and blocks as part of the usual [alert investigation scenarios](../microsoft-defender-atp/investigate-alerts.md).
All apps (any executable file, including .exe, .scr, .dll files and others) are screened by Windows Defender Antivirus before being allowed to access files in protected folders. Only apps that are known to be safe are allowed to make changes to files in a protected folder. Controlled folder access protects your data by checking against a list of known, trusted apps, before allowing any app access to files inside protected folders. Only apps that are on the trusted list are allowed in. If an app isn't on the trusted list, it will be blocked from making changes to files inside protected folders.
Apps that are known to be malicious usually never make it as far as attempting folder access -- they are swiftly quarantined. Apps are put on the trusted list based upon their prevalence and reputation. Highly-prevalent apps that have not displayed any malicious behavior are put on the list, as well as any apps you or your organization have allow-listed.
If there isn't sufficient data to determine if an app is safe, it will be blocked from accessing the folder as a safety measure. Controlled folder access is especially useful in helping to protect your documents and information from [ransomware](https://www.microsoft.com/wdsi/threats/ransomware) that can attempt to encrypt your files and hold them hostage.
This is especially useful in helping to protect your documents and information from [ransomware](https://www.microsoft.com/wdsi/threats/ransomware) that can attempt to encrypt your files and hold them hostage.
A notification will appear on the computer where the app attempted to make changes to a protected folder. You can [customize the notification](customize-attack-surface-reduction.md#customize-the-notification) with your company details and contact information. You can also enable the rules individually to customize what techniques the feature monitors. A notification will appear on the computer where the app attempted to make changes to a protected folder. You can [customize the notification](customize-attack-surface-reduction.md#customize-the-notification) with your company details and contact information. You can also enable the rules individually to customize what techniques the feature monitors.