Are you following Zero Trust principles of verifying explicitly, using least-privileged access, and assuming breach with respect to your apps? Browse the assortment of Windows security solutions for apps and add layers of security to what you're currently using. Season your choices with some practical walkthroughs of app building, advanced endpoint management, and code integrity policies for Windows Defender Application Control.
Time to learn: 111 minutes
 WATCH
Microsoft Defender Application Control
Application control uses a Zero Trust approach to provide defense beyond traditional antivirus solutions. See how App Control works, as well as how you can enable and manage it through an allow-list. This creates a circle of trusted applications, while blocking the rest.
(5 mins)
App Control + WDAC + Smart App Control + Windows 11 + LOB + Circle of Trust + Block Rules + Reputation + Intune + Policies
|
|
 READ
Microsoft Defender Application Guard
What is Application Guard and how does it work? Learn about this hardware isolation approach and the types of devices that should use it. Specifically, read about enterprise desktops, enterprise mobile laptops, bring-your-own-device (BYOD) mobile laptops, and personal devices.
(3 mins)
Application Guard + Hyper-V + Kernel + Edge + Office + Intune + ConfigMgr
|
| |
|
|
 READ
AppLocker
After browsing the capabilities of AppLocker, learn when to use it and how to install it. Read additional considerations for virtualization and security, as well as guidance to create application control policies setting by setting. Additional guides are linked for use in different scenarios.
(8 mins)
App Control + AppLocker + WDAC + DLL + AD RMS + ACL + ActiveX + Group Policy + DoS + Virtualization + Security
|
|
READ
Windows Sandbox
If you need to safely run applications in isolation, use this lightweight desktop environment. Learn all about Windows Sandbox, prerequisites for running it, installation instructions, and usage recommendations.
(3 mins)
Virtualization + GPU + ARM64 + AMD64 + BIOS +Pro + Enterprise + Education + PowerShell
|
| |
|
|
 READ
Configure S/MIME for Windows
Secure/Multipurpose Internet Mail Extensions (S/MIME) helps you to secure email messages. First, familiarize yourself with message encryption, digital signatures, and prerequisites. Then follow the steps to choose S/MIME settings, encrypt or sign individual messages, read signed or encrypted messages, and finally install certificates from a received message.
(3 mins)
Email + Encryption + Signatures + EAS + Office 365 + PFX + PIN + Certificate
|
|
 READ
Microsoft Defender SmartScreen overview
Apply another defense layer to protect against phishing, malware, and downloading of potentially malicious files. Consider the benefits and the mechanism of Microsoft Defender SmartScreen. Then follow the steps to submit files for review.
(4 mins)
Phishing + Malware + URL + Download + Group Policy + Intune + Edge + PUA
|
| |
|
|
 READ
What is Smart App Control?
Consider a new Windows 11 protection to add on top of your other security software: Smart App Control. Find common questions and answers to what it is, how it works, and all you need to know to configure Smart App Control for your context.
(6 mins)
Apps + Windows 11 + Zero Trust + Windows Security + Diagnostic Data + Antivirus + Developer + Certificate
|
| |
|
|
READ
How Microsoft identifies malware and potentially unwanted applications
Potentially unwanted applications (PUA) represent an evolving security risk. See how Microsoft distinguishes between unknown/unrecognized software and malware. Specifically, learn about 14 different types of malicious software. Furthermore, see how unwanted software limits your control, even if it's not malware.
(10 mins)
M365 Defender + PUA + Malware + Exploit + Trojan + Control + Installation + Removal + Advertisements + Edge + Antivirus
|
|
 WATCH
Creating secure identities for apps using the Microsoft identity platform
If you're an app developer, learn how to manage identities in your apps. Attend this recorded session to master the Microsoft identity platform and secure your apps through compliant authentication and permissions.
(31 mins)
Developer + Identities + Authentication + Authorization + MS Identity Platform + Permissions + Compliance + Open-Source + AAD
|
| |
|
|
READ
Learn about using Endpoint Privilege Management with Microsoft Intune
What if you don't have administrator rights? Complete tasks that require elevated privileges with Microsoft Intune Endpoint Privilege Management. Learn about the prerequisites, getting started, important capabilities, and role-based access controls.
(7 mins)
Intune + EPM + Zero Trust + Windows 11 + Windows 10 + AAD + HAADJ + Policies + RBAC
|
|
WATCH
Introducing advanced endpoint management solutions for Microsoft Intune
Learn how Microsoft Intune's new advanced management suite takes device management to the next level. Take advantage of reduced total cost of ownership, Zero-Trust security trajectory, and help with ever-growing challenges in IT.
(30 mins)
Endpoints + Intune + Hybrid + On-Prem + Apps + M365 + VPN + Certificates + Remote Help + Microsoft Tunnel + MAM
|
| |
|
|
 EXPERIENCE
Microsoft WDAC policy wizard
Download the Windows Defender Application Control (WDAC) policy wizard and start building and deploying code integrity policies in PowerShell.
(1 mins)
WDAC + CI + Policies + PowerShell
|
Got some spare time to learn about how Windows Defender Application Control has been evolving? Watch Balancing security and flexibility when implementing Windows Defender Application Control (WDAC) (time to watch: 19 mins).
We've been catering weekly skilling snacks for four months now! What other topics would you like us to add to Windows skilling snacks: bite-sized learning for IT pros?
Continue the conversation. Find best practices. Bookmark the Windows Tech Community and follow us @MSWindowsITPro on Twitter. Looking for support? Visit Windows on Microsoft Q&A.
