Nitecon
Oct 22, 2020

Windows Defender Application Control deployment

Has anyone embarked on deploying WDAC?

 

Unfortunately, due to the nature of our estate, rather than trying to build a single device with "all" the apps on it, we've deployed audit mode to all our devices.

Using Windows Defender Security Center and advanced hunting -

 
DeviceEvents
| where Timestamp > ago(7d) and
ActionType startswith "AppControl"


We're hoping to be able to convert the output of advanced hunting into the WDAC XML policies.
 
Has anyone taken this approach?