From the course: Deploying and Managing Defender for Endpoint for Windows
Join today to access over 24,900 courses taught by industry experts.
Attack surface reduction rules
From the course: Deploying and Managing Defender for Endpoint for Windows
Attack surface reduction rules
- [Instructor] Defender Antivirus has a collection of intrusion prevention features that are called attack surface reduction. These can be rooted back to Windows 10, 1709, and that version of Windows introduced Exploit Guard. Exploit Guard has since been renamed to attack surface reduction. In the upcoming videos, we'll talk about how other attack surface reduction capabilities help protect Windows, but in this video we're going to focus on something called attack surface reduction rules, or ASR rules. These are part of the wider ASR feature set, which also includes something called controlled folder access. ASR rules are a way of fighting threats by restricting types of behavior in Windows. So let's consider the history of Windows and app development. Security best practices haven't always really been front of mind, and there are some things you can do in Windows that adversaries just love to leverage too. So think of things like executing code through Office macros or JavaScript…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.