Configure Microsoft Defender Application Control using Custom Profiles

Поділитися
Вставка
  • Опубліковано 4 гру 2024

КОМЕНТАРІ • 25

  • @ichabaudcraine2923
    @ichabaudcraine2923 Рік тому +2

    4:28 is such a classic Microsoft moment. Side-note, has anyone managed to run Windows Image Configuration Designer in the last 5 years?

    • @theCMC
      @theCMC  Рік тому

      yep! that had me confused for atleast 10 seconds.

  • @soydlm8658
    @soydlm8658 3 роки тому +5

    Thanks for the video. And if I want to allow the execution of some win32 applications, how would they be added to the allowed list?

  • @jurellt
    @jurellt 2 роки тому +1

    Thank you! My only question is something I can never seem to find anywhere when working with OMA URI...Where do you get the value that starts with ".\Vendor\MSFT\"...etc?

  • @abdulsaqib2247
    @abdulsaqib2247 2 роки тому +2

    thank you for this. i've surfed thru internet for whole day to see how Memory Integrity can be enabled and was able to do so using the tool you recommended. 👌👌

    • @theCMC
      @theCMC  2 роки тому

      Great to hear! You are very welcome to subscribe - we are full of useful tips like that! 👍

  • @mdmmde5341
    @mdmmde5341 2 роки тому +2

    Thank you for your video. Can you please create a video to block all third party application but allow managed application (Pushed from intune). Is it possible?

  • @fbifido2
    @fbifido2 2 роки тому

    @0:44 - can you show us how/why/when to create/enable an Endpoint protection policy for all that is listed under "2 - configuration settings" ???

  • @sonamsrivastava5125
    @sonamsrivastava5125 2 місяці тому

    While creating suplemental policy audit mode is off and i am unable to turn it on and lastly supplemental policy xml does not open nor I can see the policy in document folder. Please help

  • @andytaylor1
    @andytaylor1 2 роки тому +1

    This needs an option to Allow all and block selected as in it's current state it is a destroyer of systems and usability. What are your thoughts on why it breaks so much stuff. Like Citrix clients...cmon, how can that not be on the graph, or many many utilities which people use everyday. Good luck to anybody attempting to actually roll this out. We gave up.

  • @MalteseNinja22
    @MalteseNinja22 2 роки тому +1

    I was following along just fine until you reached the OMA-URI. Where did yo get the link that you pasted? Doesn't seem to be mentioned.

    • @theCMC
      @theCMC  2 роки тому

      Good point; apologies!
      learn.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/deployment/deploy-windows-defender-application-control-policies-using-intune#deploy-custom-wdac-policies-on-windows-10-1903

    • @MalteseNinja22
      @MalteseNinja22 2 роки тому

      @@theCMC thank you very much!

  • @tomasbohunek9698
    @tomasbohunek9698 2 роки тому +1

    Hey! Does this integrate with Defender for Cloud Adaptive Application Control?

    • @theCMC
      @theCMC  2 роки тому +1

      I have absolutely no idea what that is! Now I need to go look that up! Thanks for the question. /Dean

  • @ashpowell9451
    @ashpowell9451 2 роки тому +1

    Good video but missing some important detail such as what to do with the supplemental policy.

    • @theCMC
      @theCMC  2 роки тому +2

      Thanks - very true. I’ve learned a lot about this since creating the video so it certainly needs an update to be more accurate.

  • @fbifido2
    @fbifido2 2 роки тому +1

    does the custom profile allows you to whitelist any application, publisher, etc .... ???

    • @theCMC
      @theCMC  2 роки тому +1

      Yes

    • @alistairfreedom2456
      @alistairfreedom2456 Рік тому

      ​​@@theCMC do you have a video showing how ? 7zip for example seems like an obvious thing to show

  • @tonyorchard2143
    @tonyorchard2143 2 роки тому +1

    How do you deploy with the supplemental policy you created it but never showed how to include it in the video, when I create a base policy and add a custom rule it removes the policy ID from the xml so i cant deploy with in-tune what am I missing?

    • @ashpowell9451
      @ashpowell9451 2 роки тому

      Did you ever find the answer to this?

  • @fredericcuzon5194
    @fredericcuzon5194 2 роки тому

    Hello! Any ideas why after allowing an app, I get the error windows ''your organization used device guard to block this app. Contact your support person for more info"
    This is not the big blue windows prompt from the WDAC but a rather legacy looking pop up? Thank you

  • @nvidiashield495
    @nvidiashield495 2 роки тому

    I have the example files included with Win 10 Pro 64bit working fine, however WDAC is blocking apps I have installed and I used the wizard to add a custom rule but it continues to be blocked.
    Can this run on a standalone machine ? Just can’t seem to allow anything already installed