deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-19 12:23:37 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Merge pull request #10319 from VLG17/patch-153

Browse Source 
Add link to HVCI in WDAC context
This commit is contained in:
Denise Vangel-MSFT
2022-01-26 13:35:28 -08:00
committed by GitHub
parent e4fd476989 6e1af48451
commit 73f2e48219
1 changed files with 4 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md
View File

@ -10,11 +10,11 @@ ms.pagetype: security
ms.localizationpriority: medium ms.localizationpriority: medium
audience: ITPro audience: ITPro
ms.collection: M365-security-compliance ms.collection: M365-security-compliance
author: jsuther1974 author: dansimp
ms.reviewer: isbrahm ms.reviewer: isbrahm
ms.author: dansimp ms.author: dansimp
manager: dansimp manager: dansimp
ms.date: 07/15/2021 ms.date: 01/26/2022
ms.technology: windows-sec ms.technology: windows-sec
--- ---
@ -31,6 +31,8 @@ ms.technology: windows-sec
Windows Defender Application Control (WDAC) can control what runs on Windows 10 and Windows 11, by setting policies that specify whether a driver or application is trusted. A policy includes *policy rules* that control options such as audit mode, and *file rules* (or *file rule levels*) that specify how applications are identified and trusted. Windows Defender Application Control (WDAC) can control what runs on Windows 10 and Windows 11, by setting policies that specify whether a driver or application is trusted. A policy includes *policy rules* that control options such as audit mode, and *file rules* (or *file rule levels*) that specify how applications are identified and trusted.
WDAC is used to restrict devices to run only approved apps, while the operating system is hardened against kernel memory attacks using [hypervisor-protected code integrity (HVCI)](/windows/security/threat-protection/device-guard/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control).
## Windows Defender Application Control policy rules ## Windows Defender Application Control policy rules
To modify the policy rule options of an existing WDAC policy XML, use [Set-RuleOption](/powershell/module/configci/set-ruleoption). The following examples show how to use this cmdlet to add and remove a rule option on an existing WDAC policy: To modify the policy rule options of an existing WDAC policy XML, use [Set-RuleOption](/powershell/module/configci/set-ruleoption). The following examples show how to use this cmdlet to add and remove a rule option on an existing WDAC policy: