A series of posts about using Windows Defender Application Control (WDAC) with Intune.
Category: Security
Deliver a WDAC Policy with Intune
This post covers how to deliver a WDAC policy with Intune. It is part of a series about WDAC policies. To perform this step, we need to have previously created a policy and tested it manually. The Microsoft documentation on delivering a WDAC policy with Intune is confusing and incorrect. This is how to do it.
Test a WDAC Policy
This post covers how to test a Windows Defender Application Control (WDAC) policy.
Create a basic WDAC Policy
Windows Defender Application Control (WDAC) is a security feature that controls what is allowed to run on a Windows OS. This post describes creating a basic policy that allows Windows to boot and function. It is the first step in creating a WDAC policy for production.
Getting Started with WDAC
Windows Defender Application Control (WDAC) is the native Windows 10 security feature to control what files can be executed on the desktop. In Windows 1903, Microsoft has added support for file path rules as a basis for whitelisting. Before this, implementing a WDAC policy for the desktop in production was very difficult, almost impractical. File path rules allow applications in the Windows and Program Files folders to run without first specifying what they are. This is one of a series of posts about how to create and implement a WDAC policy for the desktop, with file path rules, and using Intune to deliver it.
About Windows Defender Application Control
Windows Defender Application Control (WDAC) is a complicated security feature to implement on the Windows 10 desktop. It’s worth taking a look at why we need to do it.