Configure Microsoft Defender Application Control using Custom Profiles

Previously known as Windows Defender Application Control, Microsoft Defender Application Control (MDAC) is now even more accessible to organizations through the removal of the Windows 10 Enterprise / Education requirement. Now, organizations using Windows 10/11 Professional are able to leverage the feature to gain greater insight and control of their Windows device estate.

Microsoft Defender Application Control builds upon the foundations set in AppLocker, which was initially introduced in Windows 7 to allow organizations to control exactly which applications can run on their Windows devices.

There are a few ways to enable and manage Microsoft Defender Application Control, and each method should be explored to ensure the right one is chosen for the use case.
In this series, I will walk through each method for deploying Microsoft Defender Application Control so that you can make an informed decision.

2) Method 2 – Microsoft Endpoint Manager (Intune) Endpoint Protection Policy configuration [this post]
3) Method 3 – Microsoft Endpoint Manager (Intune) Custom Profile [also this post]
4) Method 4 – Microsoft Endpoint Configuration Manager (ConfigMgr)

Comments

Thanks for the video. And if I want to allow the execution of some win32 applications, how would they be added to the allowed list?

soydlm

Thank you for this. I've surfed through the internet for a whole day to see how Memory Integrity can be enabled and was able to do so using the tool you recommended. 👌👌

abdulsaqib

4:28 is such a classic Microsoft moment. Side-note, has anyone managed to run Windows Image Configuration Designer in the last 5 years?

ichabaudcraine

Thank you! My only question is something I can never seem to find anywhere when working with OMA-URI... Where do you get the value that starts with ".\Vendor\MSFT\"...etc?

jurellt

Thank you for your video. Can you please create a video on blocking all third-party applications but allowing managed applications (pushed from Intune)? Is it possible?

mdmmde

This needs an option to allow all and block selected, as in its current state it is a destroyer of systems and usability. What are your thoughts on why it breaks so much stuff? Like Citrix clients... c'mon, how can that not be on the graph, or many, many utilities which people use every day. Good luck to anybody attempting to actually roll this out. We gave up.

andytaylor

How do you deploy with the supplemental policy? You created it but never showed how to include it in the video. When I create a base policy and add a custom rule, it removes the policy ID from the XML so I can't deploy with Intune. What am I missing?

tonyorchard

Good video but missing some important detail such as what to do with the supplemental policy.

ashpowell

@0:44 - can you show us how/why/when to create/enable an Endpoint protection policy for all that is listed under "2 - configuration settings" ???

fbifido

Hello! Any ideas why, after allowing an app, I get the error window "Your organization used Device Guard to block this app. Contact your support person for more info"?
This is not the big blue Windows prompt from WDAC but a rather legacy-looking pop-up? Thank you

fredericcuzon

I was following along just fine until you reached the OMA-URI. Where did you get the link that you pasted? Doesn't seem to be mentioned.

MalteseNinja

Hey! Does this integrate with Defender for Cloud Adaptive Application Control?

tomasbohunek

Does the custom profile allow you to whitelist any application, publisher, etc.?

fbifido

I have the example files included with Win 10 Pro 64-bit working fine; however, WDAC is blocking apps I have installed, and I used the wizard to add a custom rule but it continues to be blocked.
Can this run on a standalone machine? Just can't seem to allow anything already installed

nvidiashield