Join us June 17–18 for a deep dive into Copilot Control System—live expert-led sessions and Q&A on data security, agent lifecycle, adoption, and more! Learn more >

Forum Discussion

AB21805

Bronze Contributor

Apr 13, 2021

Solved

editing a current app locker policy

Hi all, I have ran a policy to devices which I thought worked locally but due to me leaving the "not configured" parts in the xml the policy has failed on devices. If I edit the app locker xml i...

Mobile Application Management (MAM)

mobile device management (mdm)

Software Management

Rudy_Ooms_MVP
Apr 14, 2021
Hi

First to answer your question, take a look at my blog. I noticed the same thing and create a blog about this

https://call4cloud.nl/2020/10/the-appocker-dilemma/

But just like nicklas is telling... there are of course always better options out there.. Device Guard/Applocker/Defender app control

But I prefer applocker.... when you need to exclude something... within my opinion, this can be done a lot quicker with applocker. Applocker is a good way to start into securing your devices.
Don't forget about PowerShell

NicklasAhlberg

Copper Contributor

Apr 14, 2021

Hello!

I recommend that you look at Microsoft Defender App Control instead of AppLocker. MDAC is the new version of AppLocker and is easier to manage. There are some really good guides and how to's at MS docs to get going with MDAC.

You may read about the differences in MDAC and AppLocker here: https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/wdac-and-applocker-overview

//Nicklas Ahlberg