Configure Microsoft Defender Application Control using Intune Endpoint Security profiles

Поділитися
Вставка
  • Опубліковано 4 гру 2024

КОМЕНТАРІ •

  • @tehsimo
    @tehsimo Рік тому +5

    Hands up if you've bricked a machine with AppLocker

  • @mdmmde5341
    @mdmmde5341 2 роки тому +4

    Thank you for your video. Can you please create a video to block all third party application but allow managed application (Pushed from intune). Is it possible?

  • @andytaylor1
    @andytaylor1 2 роки тому +6

    Looks like you found exactly what we did when trying to enable this. It breaks EVERYTHING. Dll's failing all over the place, common well known applications not working anymore. Unusable in a production environment in this state imo.

  • @badisthebest
    @badisthebest Рік тому +1

    That was very helpful. Thank you so much!

  • @Woodeh06
    @Woodeh06 2 роки тому +2

    Thanks for the video. What about viewing the audit logs via 365 admin centre's though? Is that possible? If i want to find out what software users are installing into C:\users\username\AppData I don't want to have to manually view each computers event viewer logs. Don't currently have the audit option turned on but considering it. Cheers

  • @rashantha
    @rashantha 3 роки тому +2

    Is there a way to whitelist certain application in conjunction with the policy you created? Do you have a video on it?

    • @theCMC
      @theCMC  3 роки тому

      ua-cam.com/video/meT3cSc9300/v-deo.html

  • @DukePaul
    @DukePaul Рік тому

    Thanks! Great video.
    Is it possible for a profile to be based on a whitelist?

  • @benjiebuenviaje4811
    @benjiebuenviaje4811 Рік тому +1

    Thank you very much!

  • @jeshielmicoangulo5611
    @jeshielmicoangulo5611 8 місяців тому

    Hi What if the application is deployed in Intune??

  • @soydlm8658
    @soydlm8658 3 роки тому +1

    Great vídeo. a question. If I want both 7zip and vlc to run, is there a way that I don't enforce the policy on those applications? Create a whitelist of allowed apps or something similar.

    • @theCMC
      @theCMC  3 роки тому +4

      Yes, absolutely. I will be making a video on the other options available in the next few days.

    • @theCMC
      @theCMC  3 роки тому +3

      @soydlm ua-cam.com/video/meT3cSc9300/v-deo.html

  • @Shrikml
    @Shrikml 2 роки тому +1

    Great video.
    We are trying to block installation of any softwares for non admin users. we have applied security baseline but it's allowing few apps like firefox and discord.
    Can you tell me if there is any more efficient policy

    • @theCMC
      @theCMC  2 роки тому

      Hey! The baseline will prevent applications being executed that aren’t “sage”. Firefox and Discord are relatively safe apps, so they are unlikely to be blocked.

  • @RamessesChalet
    @RamessesChalet 3 роки тому +1

    Great video Thanks, Question please what is th deference between Microsoft 365 Defender
    and Microsoft Defender for Cloud Apps it make me confused ? could you make a Leeson in each one ! please

    • @theCMC
      @theCMC  3 роки тому +2

      Thanks for the feedback!
      M365 Defender is a suite of products that make up the pre and post breach security capability within Microsoft 365. It includes things like Defender for Endpoint, Defender for Office 365, and Defender for Identity. It also includes something called Microsoft Defender for Cloud Apps.
      Microsoft Defender for Cloud Apps used to be known as Microsoft Cloud App Security, and is a solution that allows organisations to discover and control the use of Cloud Apps (like Dropbox, for example) in their organisation.

  • @CGRealStudios
    @CGRealStudios 2 роки тому

    How do block specific applications?

  • @obaidshaukat3412
    @obaidshaukat3412 11 місяців тому

    How can we allow specific app, say i want to allow surf shark VPN , how can i do one app.

  • @tomasbohunek9698
    @tomasbohunek9698 2 роки тому +2

    Great video. Isn't it a bit scary to see all the native Windows components get blocked? This will impact system reliability downstream.

  • @summoner2100
    @summoner2100 3 роки тому +1

    Good vid... plus applocker was so broken. When they first released 10, if you applied applocker with ANY policy it restricted the new xaml made start menu. #fail lol

  • @marcusaurielius8195
    @marcusaurielius8195 3 роки тому +1

    can we shorten the channel name please¿ lol