mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-06-07 10:07:21 +00:00
Update security features documentation
This commit is contained in:
Paolo Matarazzo
parent
32b06c4da9
commit
a1ebaabfa3
@ -7,35 +7,11 @@ ms.date: 06/17/2024
|
||||
|
||||
# Subject index
|
||||
|
||||
## Security foundation
|
||||
|
||||
:::image type="content" source="images/security-foundation.png" alt-text="Diagram containing a list of security features." border="false":::
|
||||
|
||||
- Common Criteria (CC)
|
||||
- Federal Information Processing Standard (FIPS)
|
||||
- Microsoft Offensive Research and Security Engineering
|
||||
- Microsoft Security Development Lifecycle (SDL)
|
||||
- OneFuzz service
|
||||
- Software bill of materials (SBOM)
|
||||
- Windows App software development kit (SDK)
|
||||
- Windows Insider and Bug Bounty program
|
||||
|
||||
## Hardware security
|
||||
|
||||
:::image type="content" source="images/hardware.png" alt-text="Diagram containing a list of security features." lightbox="images/hardware.png" border="false":::
|
||||
|
||||
- Hardware-enforced stack protection
|
||||
- Kernel Direct Memory Access (DMA) protection
|
||||
- Microsoft Pluton security processor
|
||||
- Secured kernel
|
||||
- Secured-core PC
|
||||
- Trusted Platform Module (TPM)
|
||||
|
||||
## Operating system security
|
||||
|
||||
:::image type="content" source="images/operating-system.png" alt-text="Diagram containing a list of security features." lightbox="images/operating-system.png" border="false":::
|
||||
|
||||
- 5G and eSIM
|
||||
- Access management and control
|
||||
- Account lockout policies
|
||||
- App containers
|
||||
- App Control for Business
|
||||
- Assigned Access
|
||||
- Attack surface reduction
|
||||
- BitLocker
|
||||
@ -43,98 +19,88 @@ ms.date: 06/17/2024
|
||||
- Bluetooth protection
|
||||
- Certificates
|
||||
- Code signing and integrity
|
||||
- Common Criteria (CC)
|
||||
- Config Refresh
|
||||
- Controlled folder access
|
||||
- Credential Guard
|
||||
- Cryptography
|
||||
- Device Encryption
|
||||
- Device health attestation
|
||||
- DNS security
|
||||
- Email encryption
|
||||
- Encrypted hard drive
|
||||
- Enhanced phishing protection with Microsoft Defender SmartScreen
|
||||
- Enterprise State Roaming with Azure
|
||||
- Exploit protection
|
||||
- Federal Information Processing Standard (FIPS)
|
||||
- Federated sign-in
|
||||
- FIDO support
|
||||
- Find my device
|
||||
- Hardware-enforced stack protection
|
||||
- Kernel Direct Memory Access (DMA) protection
|
||||
- Local Security Authority (LSA) protection
|
||||
- MDM enrollment certificate attestation
|
||||
- MDM security baseline
|
||||
- Microsoft Account
|
||||
- Microsoft Authenticator
|
||||
- Microsoft Azure Attestation Service
|
||||
- Microsoft Defender Antivirus
|
||||
- Microsoft Defender for Endpoint
|
||||
- Microsoft Defender SmartScreen
|
||||
- Microsoft Entra ID
|
||||
- Microsoft Intune
|
||||
- Microsoft Offensive Research and Security Engineering
|
||||
- Microsoft Pluton security processor
|
||||
- Microsoft security baselines
|
||||
- Microsoft Security Development Lifecycle (SDL)
|
||||
- Microsoft vulnerable driver blocklist
|
||||
- Modern device management through (MDM)
|
||||
- OneDrive for personal
|
||||
- OneDrive for work or school
|
||||
- OneDrive Personal Vault
|
||||
- OneFuzz service
|
||||
- Passkeys
|
||||
- Personal data encryption
|
||||
- Privacy dashboard and report
|
||||
- Privacy resource usage
|
||||
- Privacy transparency and controls
|
||||
- Remote Credential Guard
|
||||
- Remote Wipe
|
||||
- Secured kernel
|
||||
- Secured-core PC
|
||||
- Securing Wi-Fi connections
|
||||
- Server Message Block file services
|
||||
- Smart App Control
|
||||
- Smart cards for Windows service
|
||||
- Software bill of materials (SBOM)
|
||||
- Tamper protection
|
||||
- Token protection
|
||||
- Transport layer security (TLS)
|
||||
- Trusted Boot (Secure Boot + Measured Boot)
|
||||
- Virtual private networks (VPN)
|
||||
- Windows Firewall
|
||||
- Windows security policy settings and auditing
|
||||
- Windows security settings
|
||||
|
||||
## Application security
|
||||
|
||||
:::image type="content" source="images/application-security.png" alt-text="Diagram containing a list of security features." lightbox="images/application-security.png" border="false":::
|
||||
|
||||
- App containers
|
||||
- App Control for Business
|
||||
- Microsoft vulnerable driver blocklist
|
||||
- Smart App Control
|
||||
- Trusted Platform Module (TPM)
|
||||
- Trusted signing
|
||||
- Universal Print
|
||||
- User Account Control
|
||||
- Win32 app isolation
|
||||
- Windows Sandbox
|
||||
- Windows Subsystem for Linux (WSL)
|
||||
|
||||
## Identity protection
|
||||
|
||||
:::image type="content" source="images/identity-protection.png" alt-text="Diagram containing a list of security features." lightbox="images/identity-protection.png" border="false":::
|
||||
|
||||
- Access management and control
|
||||
- Account lockout policies
|
||||
- Credential Guard
|
||||
- Enhanced phishing protection with Microsoft Defender SmartScreen
|
||||
- Federated sign-in
|
||||
- FIDO support
|
||||
- Local Security Authority (LSA) protection
|
||||
- Microsoft Authenticator
|
||||
- Passkeys
|
||||
- Remote Credential Guard
|
||||
- Smart cards for Windows service
|
||||
- Token protection
|
||||
- User reauthentication before password disablement
|
||||
- VBS Key Protection
|
||||
- Virtual private networks (VPN)
|
||||
- Win32 app isolation
|
||||
- Windows App software development kit (SDK)
|
||||
- Windows Autopatch
|
||||
- Windows Autopilot and zero-touch deployment
|
||||
- Windows diagnostic data processor configuration
|
||||
- Windows Firewall
|
||||
- Windows Hello
|
||||
- Windows Hello biometric sign-in
|
||||
- Windows Hello Enhanced Sign-in Security
|
||||
- Windows Hello for Business
|
||||
- Windows Hello for Business multi-factor unlock
|
||||
- Windows Hello PIN
|
||||
- Windows Insider and Bug Bounty program
|
||||
- Windows passwordless experience
|
||||
- Windows presence sensing
|
||||
|
||||
## Privacy
|
||||
|
||||
:::image type="content" source="images/privacy.png" alt-text="Diagram containing a list of security features." lightbox="images/privacy.png" border="false":::
|
||||
|
||||
- Privacy dashboard and report
|
||||
- Privacy transparency and controls
|
||||
- Privacy resource usage
|
||||
- Windows diagnostic data processor configuration
|
||||
|
||||
## Cloud services
|
||||
|
||||
:::image type="content" source="images/cloud-security.png" alt-text="Diagram containing a list of security features." lightbox="images/cloud-security.png" border="false":::
|
||||
|
||||
- Enterprise State Roaming with Azure
|
||||
- Find my device
|
||||
- MDM enrollment certificate attestation
|
||||
- MDM security baseline
|
||||
- Microsoft Account
|
||||
- Microsoft Azure Attestation Service
|
||||
- Microsoft Entra ID
|
||||
- Microsoft Intune
|
||||
- Microsoft security baselines
|
||||
- Modern device management through (MDM)
|
||||
- OneDrive for personal
|
||||
- OneDrive for work or school
|
||||
- OneDrive Personal Vault
|
||||
- Remote Wipe
|
||||
- Universal Print
|
||||
- User reauthentication before password disablement
|
||||
- Windows Autopatch
|
||||
- Windows Autopilot and zero-touch deployment
|
||||
- Windows Sandbox
|
||||
- Windows security policy settings and auditing
|
||||
- Windows security settings
|
||||
- Windows Subsystem for Linux (WSL)
|
||||
- Windows Update for Business deployment service
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user