A series of posts about using Microsoft Defender Application Control (MDAC) with Intune.
MDAC (formerly known as WDAC) is the native Windows 10 security feature to control what files can be executed by the system. Application Control is one of the basic security controls for the desktop. This series shows how to develop an MDAC policy for the desktop using the new file path rules in Windows 1903, and how to deliver the policy using the new Application Control CSP in a custom OMA-URI setting in Intune.
- About Microsoft Defender Application Control. Why you would want to use it.
- Getting Started with MDAC. The overall approach and an outline of the steps.
- Create a basic MDAC Policy. How to create a basic policy that allows Windows to boot and Microsoft applications to run.
- Test an MDAC Policy. How to test a policy manually, before distributing it.
- Deliver an MDAC Policy with Intune. How to use a custom OMA-URI to deliver an MDAC policy.
- MDAC and File Path Rules. How to create a policy with file path rules.
- Merge MDAC Policies. How to merge the file path rules policy with other policies to create a workable production policy.
- Set MDAC Policy Options. The range of options to set in a policy.