- name: Application Control for Windows href: index.yml - name: About application control for Windows href: appcontrol.md expanded: true items: - name: App Control and AppLocker Overview href: appcontrol-and-applocker-overview.md - name: App Control and AppLocker Feature Availability href: feature-availability.md - name: Virtualization-based protection of code integrity href: ../introduction-to-virtualization-based-security-and-appcontrol.md - name: Design guide href: design/appcontrol-design-guide.md items: - name: Plan for App Control policy lifecycle management href: design/plan-appcontrol-management.md - name: Design your App Control policy items: - name: Understand App Control policy design decisions href: design/understand-appcontrol-policy-design-decisions.md - name: Understand App Control policy rules and file rules href: design/select-types-of-rules-to-create.md items: - name: Allow apps installed by a managed installer href: design/configure-authorized-apps-deployed-with-a-managed-installer.md - name: Allow reputable apps with Intelligent Security Graph (ISG) href: design/use-appcontrol-with-intelligent-security-graph.md - name: Allow COM object registration href: design/allow-com-object-registration-in-appcontrol-policy.md - name: Use App Control with .NET hardening href: design/appcontrol-and-dotnet.md - name: Script enforcement with App Control for Business href: design/script-enforcement.md - name: Manage packaged apps with App Control href: design/manage-packaged-apps-with-appcontrol.md - name: Use App Control to control specific plug-ins, add-ins, and modules href: design/use-appcontrol-policy-to-control-specific-plug-ins-add-ins-and-modules.md - name: Understand App Control policy settings href: design/understanding-appcontrol-policy-settings.md - name: Use multiple App Control policies href: design/deploy-multiple-appcontrol-policies.md - name: Create your App Control policy items: - name: Example App Control base policies href: design/example-appcontrol-base-policies.md - name: Policy creation for common App Control usage scenarios href: design/common-appcontrol-use-cases.md items: - name: Create an App Control policy for lightly managed devices href: design/create-appcontrol-policy-for-lightly-managed-devices.md - name: Create an App Control policy for fully managed devices href: design/create-appcontrol-policy-for-fully-managed-devices.md - name: Create an App Control policy for fixed-workload devices href: design/create-appcontrol-policy-using-reference-computer.md - name: Create an App Control deny list policy href: design/create-appcontrol-deny-policy.md - name: Applications that can bypass App Control and how to block them href: design/applications-that-can-bypass-appcontrol.md - name: Microsoft recommended driver block rules href: design/microsoft-recommended-driver-block-rules.md - name: Use the App Control Wizard tool href: design/appcontrol-wizard.md items: - name: Create a base App Control policy with the Wizard href: design/appcontrol-wizard-create-base-policy.md - name: Create a supplemental App Control policy with the Wizard href: design/appcontrol-wizard-create-supplemental-policy.md - name: Editing an App Control policy with the Wizard href: design/appcontrol-wizard-editing-policy.md - name: Creating App Control Policy Rules from App Control Events href: design/appcontrol-wizard-parsing-event-logs.md - name: Merging multiple App Control policies with the Wizard href: design/appcontrol-wizard-merging-policies.md - name: Deployment guide href: deployment/appcontrol-deployment-guide.md items: - name: Deploy App Control policies with MDM href: deployment/deploy-appcontrol-policies-using-intune.md - name: Deploy App Control policies with Configuration Manager href: deployment/deploy-appcontrol-policies-with-memcm.md - name: Deploy App Control policies with script href: deployment/deploy-appcontrol-policies-with-script.md - name: Deploy App Control policies with group policy href: deployment/deploy-appcontrol-policies-using-group-policy.md - name: Audit App Control policies href: deployment/audit-appcontrol-policies.md - name: Merge App Control policies href: deployment/merge-appcontrol-policies.md - name: Enforce App Control policies href: deployment/enforce-appcontrol-policies.md - name: Use code signing for added control and protection with App Control href: deployment/use-code-signing-for-better-control-and-protection.md items: - name: Deploy catalog files to support App Control href: deployment/deploy-catalog-files-to-support-appcontrol.md - name: Use signed policies to protect App Control for Business against tampering href: deployment/use-signed-policies-to-protect-appcontrol-against-tampering.md - name: "Optional: Create a code signing cert for App Control" href: deployment/create-code-signing-cert-for-appcontrol.md - name: Disable App Control policies href: deployment/disable-appcontrol-policies.md - name: Operational guide href: operations/appcontrol-operational-guide.md items: - name: App Control debugging and troubleshooting href: operations/appcontrol-debugging-and-troubleshooting.md - name: Understanding App Control event IDs href: operations/event-id-explanations.md - name: Understanding App Control event tags href: operations/event-tag-explanations.md - name: Query App Control events with Advanced hunting href: operations/querying-application-control-events-centrally-using-advanced-hunting.md - name: Known Issues href: operations/known-issues.md - name: Managed installer and ISG technical reference and troubleshooting guide href: operations/configure-appcontrol-managed-installer.md - name: CITool.exe technical reference href: operations/citool-commands.md - name: Inbox App Control policies href: operations/inbox-appcontrol-policies.md - name: AppId Tagging guide href: AppIdTagging/appcontrol-appid-tagging-guide.md items: - name: Creating AppId Tagging Policies href: AppIdTagging/design-create-appid-tagging-policies.md - name: Deploying AppId Tagging Policies href: AppIdTagging/deploy-appid-tagging-policies.md - name: Testing and Debugging AppId Tagging Policies href: AppIdTagging/debugging-operational-guide-appid-tagging-policies.md - name: AppLocker href: applocker\applocker-overview.md items: - name: Administer AppLocker href: applocker\administer-applocker.md items: - name: Maintain AppLocker policies href: applocker\maintain-applocker-policies.md - name: Edit an AppLocker policy href: applocker\edit-an-applocker-policy.md - name: Test and update an AppLocker policy href: applocker\test-and-update-an-applocker-policy.md - name: Deploy AppLocker policies by using the enforce rules setting href: applocker\deploy-applocker-policies-by-using-the-enforce-rules-setting.md - name: Use the AppLocker Windows PowerShell cmdlets href: applocker\use-the-applocker-windows-powershell-cmdlets.md - name: Optimize AppLocker performance href: applocker\optimize-applocker-performance.md - name: Monitor app usage with AppLocker href: applocker\monitor-application-usage-with-applocker.md - name: Manage packaged apps with AppLocker href: applocker\manage-packaged-apps-with-applocker.md - name: Working with AppLocker rules href: applocker\working-with-applocker-rules.md items: - name: Create a rule that uses a file hash condition href: applocker\create-a-rule-that-uses-a-file-hash-condition.md - name: Create a rule that uses a path condition href: applocker\create-a-rule-that-uses-a-path-condition.md - name: Create a rule that uses a publisher condition href: applocker\create-a-rule-that-uses-a-publisher-condition.md - name: Create AppLocker default rules href: applocker\create-applocker-default-rules.md - name: Add exceptions for an AppLocker rule href: applocker\configure-exceptions-for-an-applocker-rule.md - name: Create a rule for packaged apps href: applocker\create-a-rule-for-packaged-apps.md - name: Delete an AppLocker rule href: applocker\delete-an-applocker-rule.md - name: Edit AppLocker rules href: applocker\edit-applocker-rules.md - name: Enable the DLL rule collection href: applocker\enable-the-dll-rule-collection.md - name: Enforce AppLocker rules href: applocker\enforce-applocker-rules.md - name: Run the Automatically Generate Rules wizard href: applocker\run-the-automatically-generate-rules-wizard.md - name: Working with AppLocker policies href: applocker\working-with-applocker-policies.md items: - name: Configure the Application Identity service href: applocker\configure-the-application-identity-service.md - name: Configure an AppLocker policy for audit only href: applocker\configure-an-applocker-policy-for-audit-only.md - name: Configure an AppLocker policy for enforce rules href: applocker\configure-an-applocker-policy-for-enforce-rules.md - name: Display a custom URL message when users try to run a blocked app href: applocker\display-a-custom-url-message-when-users-try-to-run-a-blocked-application.md - name: Export an AppLocker policy from a GPO href: applocker\export-an-applocker-policy-from-a-gpo.md - name: Export an AppLocker policy to an XML file href: applocker\export-an-applocker-policy-to-an-xml-file.md - name: Import an AppLocker policy from another computer href: applocker\import-an-applocker-policy-from-another-computer.md - name: Import an AppLocker policy into a GPO href: applocker\import-an-applocker-policy-into-a-gpo.md - name: Add rules for packaged apps to existing AppLocker rule-set href: applocker\add-rules-for-packaged-apps-to-existing-applocker-rule-set.md - name: Merge AppLocker policies by using Set-ApplockerPolicy href: applocker\merge-applocker-policies-by-using-set-applockerpolicy.md - name: Merge AppLocker policies manually href: applocker\merge-applocker-policies-manually.md - name: Refresh an AppLocker policy href: applocker\refresh-an-applocker-policy.md - name: Test an AppLocker policy by using Test-AppLockerPolicy href: applocker\test-an-applocker-policy-by-using-test-applockerpolicy.md - name: AppLocker design guide href: applocker\applocker-policies-design-guide.md items: - name: Understand AppLocker policy design decisions href: applocker\understand-applocker-policy-design-decisions.md - name: Create a list of apps deployed to each business group href: applocker\create-list-of-applications-deployed-to-each-business-group.md items: - name: Document your app list href: applocker\document-your-application-list.md - name: Select the types of rules to create href: applocker\select-types-of-rules-to-create.md items: - name: Document your AppLocker rules href: applocker\document-your-applocker-rules.md - name: Determine the Group Policy structure and rule enforcement href: applocker\determine-group-policy-structure-and-rule-enforcement.md items: - name: Understand AppLocker rules and enforcement setting inheritance in Group Policy href: applocker\understand-applocker-rules-and-enforcement-setting-inheritance-in-group-policy.md - name: Document the Group Policy structure and AppLocker rule enforcement href: applocker\document-group-policy-structure-and-applocker-rule-enforcement.md - name: Plan for AppLocker policy management href: applocker\plan-for-applocker-policy-management.md - name: AppLocker deployment guide href: applocker\applocker-policies-deployment-guide.md items: - name: Understand the AppLocker policy deployment process href: applocker\understand-the-applocker-policy-deployment-process.md - name: Requirements for Deploying AppLocker Policies href: applocker\requirements-for-deploying-applocker-policies.md - name: Create Your AppLocker policies href: applocker\create-your-applocker-policies.md items: - name: Create Your AppLocker rules href: applocker\create-your-applocker-rules.md - name: Deploy the AppLocker policy into production href: applocker\deploy-the-applocker-policy-into-production.md items: - name: Use a reference device to create and maintain AppLocker policies href: applocker\use-a-reference-computer-to-create-and-maintain-applocker-policies.md items: - name: Determine which apps are digitally signed on a reference device href: applocker\determine-which-applications-are-digitally-signed-on-a-reference-computer.md - name: Configure the AppLocker reference device href: applocker\configure-the-appLocker-reference-device.md - name: AppLocker technical reference href: applocker\applocker-technical-reference.md items: - name: What Is AppLocker? href: applocker\what-is-applocker.md - name: Requirements to use AppLocker href: applocker\requirements-to-use-applocker.md - name: AppLocker policy use scenarios href: applocker\applocker-policy-use-scenarios.md - name: How AppLocker works href: applocker\how-applocker-works-techref.md items: - name: Understanding AppLocker rule behavior href: applocker\understanding-applocker-rule-behavior.md - name: Understanding AppLocker rule exceptions href: applocker\understanding-applocker-rule-exceptions.md - name: Understanding AppLocker rule collections href: applocker\understanding-applocker-rule-collections.md - name: Understand AppLocker rule collection extensions href: applocker\rule-collection-extensions.md - name: Understanding AppLocker allow and deny actions on rules href: applocker\understanding-applocker-allow-and-deny-actions-on-rules.md - name: Understanding AppLocker rule condition types href: applocker\understanding-applocker-rule-condition-types.md items: - name: Understanding the publisher rule condition in AppLocker href: applocker\understanding-the-publisher-rule-condition-in-applocker.md - name: Understanding the path rule condition in AppLocker href: applocker\understanding-the-path-rule-condition-in-applocker.md - name: Understanding the file hash rule condition in AppLocker href: applocker\understanding-the-file-hash-rule-condition-in-applocker.md - name: Understanding AppLocker default rules href: applocker\understanding-applocker-default-rules.md items: - name: Executable rules in AppLocker href: applocker\executable-rules-in-applocker.md - name: Windows Installer rules in AppLocker href: applocker\windows-installer-rules-in-applocker.md - name: Script rules in AppLocker href: applocker\script-rules-in-applocker.md - name: DLL rules in AppLocker href: applocker\dll-rules-in-applocker.md - name: Packaged apps and packaged app installer rules in AppLocker href: applocker\packaged-apps-and-packaged-app-installer-rules-in-applocker.md - name: AppLocker architecture and components href: applocker\applocker-architecture-and-components.md - name: AppLocker processes and interactions href: applocker\applocker-processes-and-interactions.md - name: AppLocker functions href: applocker\applocker-functions.md - name: Security considerations for AppLocker href: applocker\security-considerations-for-applocker.md - name: Tools to Use with AppLocker href: applocker\tools-to-use-with-applocker.md items: - name: Using Event Viewer with AppLocker href: applocker\using-event-viewer-with-applocker.md