Applocker service install#
So everything deployed by either of those solutions would pass your Application Control policy and be allowed.Īgain, working in this field the end goal has always been to install every single thing needed through that centralized platform as this eliminates the need for admin accounts to install things. Given my background in this area (I have been and still am an MVP for 15 years in this field of expertise) the platforms in scope are Configuration Manager and Intune. Managed installers are supposed to make all software installed through your Systems Management platform trusted by your Application Control policy. I’ll try to fill in some of the detail around that.
One thing severily lacking, other than frustrations uthered in several forums, is how you manage and maintain this in an environment that’s under the control of a systems management solution. Application control peaked my interest a couple of years ago and that interest sky rocketted when I heard about the managed installer functionality introduced in Windows 10 1709.Īpart from the public docs at microsoft the goto resource on Wdac is Matt Graeber aka I’ve learned a ton from his many posts on the topic.īetween Matt’s posts and the docs there’s quite a lot out there on Wdac itself. In this installment let’s start discussing application control. This is another post in the attack surface reduction series. This post will explain the basics of how a Windows Defender Application Control managed installer works.
Reducing attack surface with Application Control and Managed Installers.
0 kommentar(er)
