A series of posts about using Windows Defender Application Control (WDAC) with Intune.
WDAC is the native Windows 10 security feature to control what files can be executed by the system. Application Control is one of the basic security controls for the desktop. This series shows how to develop a WDAC policy for the desktop using the new file path rules in Windows 1903, and how to deliver the policy using the new Application Control CSP in a custom OMA-URI setting in Intune.
- About Windows Defender Application Control. Why you would want to use it.
- Getting Started with WDAC. The overall approach and an outline of the steps.
- Create a basic WDAC Policy. How to create a basic policy that allows Windows to boot and Microsoft applications to run.
- Test a WDAC Policy. How to test a policy manually, before distributing it.
- Deliver a WDAC Policy with Intune. How to use a custom OMA-URI to deliver a WDAC policy.
- WDAC and File Path Rules. How to create a policy with file path rules.
- Merge WDAC Policies. How to merge the file path rules policy with other policies to create a workable production policy.
- Set WDAC Policy Options. The range of options to set in a policy.