You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Start out with a small set (for example, 10 to 50) of Windows devices and use that as your test environment to see which of the 21 mitigations, are incompatible with exploit protection. Remove the mitigations that aren't compatible with the application. Reiterate with the applications that you're targeting. Once you feel that the policy is ready for production.
58
58
59
-
Start out by pushing first to User Acceptance Testing (UAT) usually comprised of the IT administrators, Security administrators and help desk personnel. Then to 1%, 5%, 10%, 25%, 50%, 75%, and finally to 100% of your environment.
59
+
Start out by pushing first to User Acceptance Testing (UAT) comprised of the IT administrators, Security administrators and help desk personnel. Then to 1%, 5%, 10%, 25%, 50%, 75%, and finally to 100% of your environment.
60
60
61
61
## Enabling exploit protection mitigations
62
62
@@ -86,7 +86,7 @@ You can also set mitigations to [audit mode](evaluate-exploit-protection.md). Au
86
86
- Use **Add by program name** to have the mitigation applied to any running process with that name. Specify a file with its extension. You can enter a full path to limit the mitigation to only the app with that name in that location.
87
87
- Use **Choose exact file path** to use a standard Windows Explorer file picker window to find and select the file you want.
88
88
89
-
4. After selecting the app, you'll see a list of all the mitigations that can be applied. Choosing **Audit**will apply the mitigation in audit mode only. You're notified if you need to restart the process or app, or if you need to restart Windows.
89
+
4. After selecting the app, you'll see a list of all the mitigations that can be applied. Choosing **Audit**applies the mitigation in audit mode only. You're notified if you need to restart the process or app, or if you need to restart Windows.
90
90
91
91
5. Repeat steps 3-4 for all the apps and mitigations you want to configure.
92
92
@@ -98,7 +98,7 @@ You can also set mitigations to [audit mode](evaluate-exploit-protection.md). Au
98
98
99
99
7. Repeat step 6 for all the system-level mitigations you want to configure. Select **Apply** when you're done setting up your configuration.
100
100
101
-
If you add an app to the **Program settings** section and configure individual mitigation settings there, they'll be honored above the configuration for the same mitigations specified in the **System settings** section. The following matrix and examples help to illustrate how defaults work:
101
+
If you add an app to the **Program settings** section and configure individual mitigation settings there, they are honored above the configuration for the same mitigations specified in the **System settings** section. The following matrix and examples help to illustrate how defaults work:
102
102
103
103
|Enabled in **Program settings**|Enabled in **System settings**|Behavior|
104
104
|:---|:---|:---|
@@ -132,7 +132,7 @@ The result is that DEP is enabled for *test.exe*. DEP won't be enabled for any o
132
132
- Use **Add by program name** to have the mitigation applied to any running process with that name. Specify a file with an extension. You can enter a full path to limit the mitigation to only the app with that name in that location.
133
133
- Use **Choose exact file path** to use a standard Windows Explorer file picker window to find and select the file you want.
134
134
135
-
4. After selecting the app, you'll see a list of all the mitigations that can be applied. Choosing **Audit** applies the mitigation in audit mode only. You are notified if you need to restart the process or app, or if you need to restart Windows.
135
+
4. After selecting the app, you'll see a list of all the mitigations that can be applied. Choosing **Audit** applies the mitigation in audit mode only. You're notified if you need to restart the process or app, or if you need to restart Windows.
136
136
137
137
5. Repeat steps 3-4 for all the apps and mitigations you want to configure. Select **Apply** when you're done setting up your configuration.
138
138
@@ -294,7 +294,7 @@ For information about customizing the notification when a rule is triggered and
294
294
295
295
## Removing the exploit protection mitigations
296
296
297
-
To reset (undo or remove) the exploit protection mitigations, please review the [Exploit protection reference](/defender-endpoint/exploit-protection-reference).
297
+
To reset (undo or remove) the exploit protection mitigations, see the [Exploit protection reference](/defender-endpoint/exploit-protection-reference).
0 commit comments