Select Page
Sample file path rules

Delivering major enhancements in Windows Defender Application Control with the Windows 10 May 2019 Update

With the Windows 10 May 2019 Update we delivered several important features for Windows Defender Application Control (WDAC), which was originally introduced to Windows as part of a scenario called Device Guard. WDAC works in conjunction with features like Windows ... continue reading
Awesomeness Made Easy With PowerBI

Awesomeness Made Easy With PowerBI

First published on TECHNET on Dec 12, 2017Hi all,My name is Dave Coles and I'm a Senior Premier Field Engineer based in the UK who specializes in SCCM and Application Virtualization.As we know, creating reports in SCCM using SSRB is ... continue reading
Getting Started with Windows 10 Device Guard - Create Code Integrity Signing Certificate

Getting Started with Windows 10 Device Guard – Create Code Integrity Signing Certificate

First published on TECHNET on May 04, 2017Back to Getting Started with Windows 10 Device Guard – Part 2 of 2 contentsGetting Started with Windows 10 Device Guard - Create Code Signing CertificateTo sign our catalog, we require a code ... continue reading

Rest easy with regulatory compliance in Windows Server 2016

First published on TECHNET on Apr 24, 2017 [This blog post was originally published at: https://blogs.technet.microsoft.com/hybridcloud/2017/04/11/rest-easy-with-regulatory-compliance-in-windows-server-2016/] Last month we learned that Windows Server 2016 has achieved Common Criteria certification for the General Purpose OS protection profile. This international standard is ... continue reading

Use Windows Server 2016 to secure a jump server

First published on TECHNET on Feb 02, 2017 When talking to customers about the security features in Windows Server 2016, a common question keeps coming up, how do I secure my jump server? Recently, I worked with a Microsoft internal ... continue reading

Step-by-step: Quick reference guide to deploying guarded hosts

First published on TECHNET on Jun 08, 2016 My original blog post on the topic of deploying Shielded VMs without VMM included the instructions to deploy guarded hosts. Based on feedback around keeping the blog posts short and scenario-focused, I ... continue reading
App-V Sync not working if Device Guard is enabled

App-V Sync not working if Device Guard is enabled

First published on MSDN on Sep 11, 2018Hi there,In September 2017 Rollup there where some changes to Device Guard which increase teh Overall security of your System. As a result the way how our SyncAppVPublishingServer.exe does it work no longer ... continue reading
Screenshot of obfuscated script

Out of sight but not invisible: Defeating fileless malware with behavior monitoring, AMSI, and next-gen AV

Consider this scenario: Two never-before-seen, heavily obfuscated scripts manage to slip past file-based detection and dynamically load an info-stealing payload into memory. The scripts are part of a social engineering campaign that tricks potential victims into running the scripts, which ... continue reading
Desired State Configuration (DSC) Planning Update – September 2018

Desired State Configuration (DSC) Planning Update – September 2018

2018 has been the most active year ever for the DSC community. The DSC team is taking on major new areas of work in Azure, and we have made significant progress in development of the new DSC platform. In this ... continue reading

PowerShell Constrained Language Mode

PowerShell Constrained Language Mode What is PowerShell Constrained Language? PowerShell Constrained Language is a language mode of PowerShell designed to support day-to-day administrative tasks, yet restrict access to sensitive language elements that can be used to invoke arbitrary Windows APIs ... continue reading