applocker

[Eric Pagan]

Hello,

 

We’re currently using software restriction policy for application allow listing, and we’re looking to switch over to applocker. Yes, I’m aware we should’ve switched a while ago. I’ve been doing some reading, and it seems there are multiple ways to go about implementing it. Some suggest building off the default rules, and others suggest a stronger approach with publisher rules. Does anyone on this list have a good pointer for me to start off with? I came across a few templates that seem promising, but I’m curious what others have done.

 

NSA - https://github.com/nsacyber/AppLocker-Guidance

 

NCSC - https://www.ncsc.gov.uk/collection/device-security-guidance/platform-guides/windows

 

ThioJoe (looks to be geared towards individuals, but could be modified for a business) - https://www.youtube.com/watch?v=qAoM6iJEVbY

DISCLAIMER: This message is intended only for specified recipients. If you are not the intended recipient you are notified that disclosing, copying, distributing, or taking any action in reliance on the contents of this information is strictly prohibited. This communication represents the originator's personal views, which may not reflect those of The Citizens Bank. Security Warning: This message is being sent over an unsecured medium (the Internet). Recipients should not reply to this message with sensitive or confidential account information. If the need arises to communicate sensitive or confidential account information, customers should visit or contact the nearest branch office. If you received this email in error, please immediately notify postm...@tcbsc.bank.