- name: Application Control for Windows href: index.yml - name: About application control for Windows href: wdac.md expanded: true items: - name: WDAC and AppLocker Overview href: wdac-and-applocker-overview.md - name: WDAC and AppLocker Feature Availability href: feature-availability.md - name: Virtualization-based protection of code integrity href: ../introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md - name: WDAC design guide href: design/wdac-design-guide.md items: - name: Plan for WDAC policy lifecycle management href: design/plan-wdac-management.md - name: Design your WDAC policy items: - name: Understand WDAC policy design decisions href: design/understand-wdac-policy-design-decisions.md - name: Understand WDAC policy rules and file rules href: design/select-types-of-rules-to-create.md items: - name: Allow apps installed by a managed installer href: design/configure-authorized-apps-deployed-with-a-managed-installer.md - name: Allow reputable apps with Intelligent Security Graph (ISG) href: design/use-wdac-with-intelligent-security-graph.md - name: Allow COM object registration href: design/allow-com-object-registration-in-wdac-policy.md - name: Use WDAC with .NET hardening href: design/wdac-and-dotnet.md - name: Script enforcement with Windows Defender Application Control href: design/script-enforcement.md - name: Manage packaged apps with WDAC href: design/manage-packaged-apps-with-wdac.md - name: Use WDAC to control specific plug-ins, add-ins, and modules href: design/use-wdac-policy-to-control-specific-plug-ins-add-ins-and-modules.md - name: Understand WDAC policy settings href: design/understanding-wdac-policy-settings.md - name: Use multiple WDAC policies href: design/deploy-multiple-wdac-policies.md - name: Create your WDAC policy items: - name: Example WDAC base policies href: design/example-wdac-base-policies.md - name: Policy creation for common WDAC usage scenarios href: design/common-wdac-use-cases.md items: - name: Create a WDAC policy for lightly managed devices href: design/create-wdac-policy-for-lightly-managed-devices.md - name: Create a WDAC policy for fully managed devices href: design/create-wdac-policy-for-fully-managed-devices.md - name: Create a WDAC policy for fixed-workload devices href: design/create-wdac-policy-using-reference-computer.md - name: Create a WDAC deny list policy href: design/create-wdac-deny-policy.md - name: Applications that can bypass WDAC and how to block them href: design/applications-that-can-bypass-wdac.md - name: Microsoft recommended driver block rules href: design/microsoft-recommended-driver-block-rules.md - name: Use the WDAC Wizard tool href: design/wdac-wizard.md items: - name: Create a base WDAC policy with the Wizard href: design/wdac-wizard-create-base-policy.md - name: Create a supplemental WDAC policy with the Wizard href: design/wdac-wizard-create-supplemental-policy.md - name: Editing a WDAC policy with the Wizard href: design/wdac-wizard-editing-policy.md - name: Creating WDAC Policy Rules from WDAC Events href: design/wdac-wizard-parsing-event-logs.md - name: Merging multiple WDAC policies with the Wizard href: design/wdac-wizard-merging-policies.md - name: WDAC deployment guide href: deployment/wdac-deployment-guide.md items: - name: Deploy WDAC policies with MDM href: deployment/deploy-wdac-policies-using-intune.md - name: Deploy WDAC policies with Configuration Manager href: deployment/deploy-wdac-policies-with-memcm.md - name: Deploy WDAC policies with script href: deployment/deploy-wdac-policies-with-script.md - name: Deploy WDAC policies with group policy href: deployment/deploy-wdac-policies-using-group-policy.md - name: Audit WDAC policies href: deployment/audit-wdac-policies.md - name: Merge WDAC policies href: deployment/merge-wdac-policies.md - name: Enforce WDAC policies href: deployment/enforce-wdac-policies.md - name: Use code signing for added control and protection with WDAC href: deployment/use-code-signing-for-better-control-and-protection.md items: - name: Deploy catalog files to support WDAC href: deployment/deploy-catalog-files-to-support-wdac.md - name: Use signed policies to protect Windows Defender Application Control against tampering href: deployment/use-signed-policies-to-protect-wdac-against-tampering.md - name: "Optional: Create a code signing cert for WDAC" href: deployment/create-code-signing-cert-for-wdac.md - name: Disable WDAC policies href: deployment/disable-wdac-policies.md - name: LOB Win32 Apps on S Mode href: deployment/LOB-win32-apps-on-s.md - name: WDAC operational guide href: operations/wdac-operational-guide.md items: - name: WDAC debugging and troubleshooting href: operations/wdac-debugging-and-troubleshooting.md - name: Understanding Application Control event IDs href: operations/event-id-explanations.md - name: Understanding Application Control event tags href: operations/event-tag-explanations.md - name: Query WDAC events with Advanced hunting href: operations/querying-application-control-events-centrally-using-advanced-hunting.md - name: Known Issues href: operations/known-issues.md - name: Managed installer and ISG technical reference and troubleshooting guide href: operations/configure-wdac-managed-installer.md - name: CITool.exe technical reference href: operations/citool-commands.md - name: Inbox WDAC policies href: operations/inbox-wdac-policies.md - name: WDAC AppId Tagging guide href: AppIdTagging/wdac-appid-tagging-guide.md items: - name: Creating AppId Tagging Policies href: AppIdTagging/design-create-appid-tagging-policies.md - name: Deploying AppId Tagging Policies href: AppIdTagging/deploy-appid-tagging-policies.md - name: Testing and Debugging AppId Tagging Policies href: AppIdTagging/debugging-operational-guide-appid-tagging-policies.md - name: AppLocker href: applocker\applocker-overview.md items: - name: Administer AppLocker href: applocker\administer-applocker.md items: - name: Maintain AppLocker policies href: applocker\maintain-applocker-policies.md - name: Edit an AppLocker policy href: applocker\edit-an-applocker-policy.md - name: Test and update an AppLocker policy href: applocker\test-and-update-an-applocker-policy.md - name: Deploy AppLocker policies by using the enforce rules setting href: applocker\deploy-applocker-policies-by-using-the-enforce-rules-setting.md - name: Use the AppLocker Windows PowerShell cmdlets href: applocker\use-the-applocker-windows-powershell-cmdlets.md - name: Optimize AppLocker performance href: applocker\optimize-applocker-performance.md - name: Monitor app usage with AppLocker href: applocker\monitor-application-usage-with-applocker.md - name: Manage packaged apps with AppLocker href: applocker\manage-packaged-apps-with-applocker.md - name: Working with AppLocker rules href: applocker\working-with-applocker-rules.md items: - name: Create a rule that uses a file hash condition href: applocker\create-a-rule-that-uses-a-file-hash-condition.md - name: Create a rule that uses a path condition href: applocker\create-a-rule-that-uses-a-path-condition.md - name: Create a rule that uses a publisher condition href: applocker\create-a-rule-that-uses-a-publisher-condition.md - name: Create AppLocker default rules href: applocker\create-applocker-default-rules.md - name: Add exceptions for an AppLocker rule href: applocker\configure-exceptions-for-an-applocker-rule.md - name: Create a rule for packaged apps href: applocker\create-a-rule-for-packaged-apps.md - name: Delete an AppLocker rule href: applocker\delete-an-applocker-rule.md - name: Edit AppLocker rules href: applocker\edit-applocker-rules.md - name: Enable the DLL rule collection href: applocker\enable-the-dll-rule-collection.md - name: Enforce AppLocker rules href: applocker\enforce-applocker-rules.md - name: Run the Automatically Generate Rules wizard href: applocker\run-the-automatically-generate-rules-wizard.md - name: Working with AppLocker policies href: applocker\working-with-applocker-policies.md items: - name: Configure the Application Identity service href: applocker\configure-the-application-identity-service.md - name: Configure an AppLocker policy for audit only href: applocker\configure-an-applocker-policy-for-audit-only.md - name: Configure an AppLocker policy for enforce rules href: applocker\configure-an-applocker-policy-for-enforce-rules.md - name: Display a custom URL message when users try to run a blocked app href: applocker\display-a-custom-url-message-when-users-try-to-run-a-blocked-application.md - name: Export an AppLocker policy from a GPO href: applocker\export-an-applocker-policy-from-a-gpo.md - name: Export an AppLocker policy to an XML file href: applocker\export-an-applocker-policy-to-an-xml-file.md - name: Import an AppLocker policy from another computer href: applocker\import-an-applocker-policy-from-another-computer.md - name: Import an AppLocker policy into a GPO href: applocker\import-an-applocker-policy-into-a-gpo.md - name: Add rules for packaged apps to existing AppLocker rule-set href: applocker\add-rules-for-packaged-apps-to-existing-applocker-rule-set.md - name: Merge AppLocker policies by using Set-ApplockerPolicy href: applocker\merge-applocker-policies-by-using-set-applockerpolicy.md - name: Merge AppLocker policies manually href: applocker\merge-applocker-policies-manually.md - name: Refresh an AppLocker policy href: applocker\refresh-an-applocker-policy.md - name: Test an AppLocker policy by using Test-AppLockerPolicy href: applocker\test-an-applocker-policy-by-using-test-applockerpolicy.md - name: AppLocker design guide href: applocker\applocker-policies-design-guide.md items: - name: Understand AppLocker policy design decisions href: applocker\understand-applocker-policy-design-decisions.md - name: Create a list of apps deployed to each business group href: applocker\create-list-of-applications-deployed-to-each-business-group.md items: - name: Document your app list href: applocker\document-your-application-list.md - name: Select the types of rules to create href: applocker\select-types-of-rules-to-create.md items: - name: Document your AppLocker rules href: applocker\document-your-applocker-rules.md - name: Determine the Group Policy structure and rule enforcement href: applocker\determine-group-policy-structure-and-rule-enforcement.md items: - name: Understand AppLocker rules and enforcement setting inheritance in Group Policy href: applocker\understand-applocker-rules-and-enforcement-setting-inheritance-in-group-policy.md - name: Document the Group Policy structure and AppLocker rule enforcement href: applocker\document-group-policy-structure-and-applocker-rule-enforcement.md - name: Plan for AppLocker policy management href: applocker\plan-for-applocker-policy-management.md - name: AppLocker deployment guide href: applocker\applocker-policies-deployment-guide.md items: - name: Understand the AppLocker policy deployment process href: applocker\understand-the-applocker-policy-deployment-process.md - name: Requirements for Deploying AppLocker Policies href: applocker\requirements-for-deploying-applocker-policies.md - name: Create Your AppLocker policies href: applocker\create-your-applocker-policies.md items: - name: Create Your AppLocker rules href: applocker\create-your-applocker-rules.md - name: Deploy the AppLocker policy into production href: applocker\deploy-the-applocker-policy-into-production.md items: - name: Use a reference device to create and maintain AppLocker policies href: applocker\use-a-reference-computer-to-create-and-maintain-applocker-policies.md items: - name: Determine which apps are digitally signed on a reference device href: applocker\determine-which-applications-are-digitally-signed-on-a-reference-computer.md - name: Configure the AppLocker reference device href: applocker\configure-the-appLocker-reference-device.md - name: AppLocker technical reference href: applocker\applocker-technical-reference.md items: - name: What Is AppLocker? href: applocker\what-is-applocker.md - name: Requirements to use AppLocker href: applocker\requirements-to-use-applocker.md - name: AppLocker policy use scenarios href: applocker\applocker-policy-use-scenarios.md - name: How AppLocker works href: applocker\how-applocker-works-techref.md items: - name: Understanding AppLocker rule behavior href: applocker\understanding-applocker-rule-behavior.md - name: Understanding AppLocker rule exceptions href: applocker\understanding-applocker-rule-exceptions.md - name: Understanding AppLocker rule collections href: applocker\understanding-applocker-rule-collections.md - name: Understand AppLocker rule collection extensions href: applocker\rule-collection-extensions.md - name: Understanding AppLocker allow and deny actions on rules href: applocker\understanding-applocker-allow-and-deny-actions-on-rules.md - name: Understanding AppLocker rule condition types href: applocker\understanding-applocker-rule-condition-types.md items: - name: Understanding the publisher rule condition in AppLocker href: applocker\understanding-the-publisher-rule-condition-in-applocker.md - name: Understanding the path rule condition in AppLocker href: applocker\understanding-the-path-rule-condition-in-applocker.md - name: Understanding the file hash rule condition in AppLocker href: applocker\understanding-the-file-hash-rule-condition-in-applocker.md - name: Understanding AppLocker default rules href: applocker\understanding-applocker-default-rules.md items: - name: Executable rules in AppLocker href: applocker\executable-rules-in-applocker.md - name: Windows Installer rules in AppLocker href: applocker\windows-installer-rules-in-applocker.md - name: Script rules in AppLocker href: applocker\script-rules-in-applocker.md - name: DLL rules in AppLocker href: applocker\dll-rules-in-applocker.md - name: Packaged apps and packaged app installer rules in AppLocker href: applocker\packaged-apps-and-packaged-app-installer-rules-in-applocker.md - name: AppLocker architecture and components href: applocker\applocker-architecture-and-components.md - name: AppLocker processes and interactions href: applocker\applocker-processes-and-interactions.md - name: AppLocker functions href: applocker\applocker-functions.md - name: Security considerations for AppLocker href: applocker\security-considerations-for-applocker.md - name: Tools to Use with AppLocker href: applocker\tools-to-use-with-applocker.md items: - name: Using Event Viewer with AppLocker href: applocker\using-event-viewer-with-applocker.md