How to use Windows Defender Attack Surface Reduction rules

With Microsoft's Attack Surface Reduction, you can set rules to block risky actions for each workstation on your network.

With all the attacks in the news recently, can you take steps to protect workstations that you already have and might not have enabled? Yes, and most of the steps are built into the operating system you already have.

Windows 10’s Attack Surface Reduction (ASR) rules are part of Windows Defender Exploit Guard. These settings block certain processes and executable processes that attackers use. ASR features are available in:

  • Windows 10 Pro, version 1709 or later
  • Windows 10 Enterprise, version 1709 or later
  • Windows Server, version 1803 (Semi-Annual Channel) or later
  • Windows Server 2019

If you have Windows 10 Pro but no enterprise license, you won’t have the full reporting and monitoring features, but you can still set up the protections.

To continue reading this article register now

Subscribe today! Get the best in cybersecurity, delivered to your inbox.