Posted by: kurtsh | June 7, 2018

INFO: Differences between Windows AppLocker & Windows Defender Application Control

imageWhitelisting in Windows 10 has advanced quite a bit since the initial days of AppLocker.  AppLocker still exists however there is a new capability called Windows Defender Application Control that provides stronger software whitelisting:

  • Windows AppLocker prevents unsigned, unapproved user applications from running on a Windows 10 PC through user/group/role specific policies.
    It does not prevent the usage/execution of unsigned drivers or non-interactive applications (services) on that PC.
  • Windows Defender Application Control provides kernel-level, Enterprise-grade software whitelisting, leveraging Windows code integrity
    It can be applied to drivers, services, and user applications but sets a single, machine policy for the entire enterprise.
    It also has available to it, cloud-based whitelists generated by Microsoft based on the Microsoft Intelligent Security Graph.

The following is a video presentation of this technology and is available at the link below:


Categories

%d bloggers like this: