From 6d5ba57cbf80508f6e43da9f30ca38bae35965bc Mon Sep 17 00:00:00 2001
From: Daniel Olim <49715300+daniel-microsoft@users.noreply.github.com>
Date: Fri, 8 Nov 2019 16:12:41 +0000
Subject: [PATCH] Update create-wip-policy-using-intune-azure.md

This would clarify what this "Executable rule" means for and why we do this.
---
 .../create-wip-policy-using-intune-azure.md                     | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure.md b/windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure.md
index d6f39a9895..10a228166e 100644
--- a/windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure.md
+++ b/windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure.md
@@ -299,6 +299,8 @@ For more info about AppLocker, see the [AppLocker](https://technet.microsoft.com
 
 ## Create an Executable rule for unsigned apps
 
+The executable rule would help you to create an AppLocker rule to sign your unsigned Apps. This would allow you to add the file path or the App publisher contained in the file's digital signature needed for the WIP policy to be applied. 
+
 1. Open the Local Security Policy snap-in (SecPol.msc).
     
 2. In the left pane, click **Application Control Policies** > **AppLocker** > **Executable Rules**.