Attack Surface Reduction|Rule -4|Block credential stealing from the Windows local security authority
Attack Surface Reduction Rules | Rule 16 | Use advanced protection against ransomwareПодробнее
Attack Surface Reduction Rules | Rule 15 | Block Win32 API calls from Office macrosПодробнее
Attack Surface Reduction Rules | Rule 14 | Block untrusted and unsigned processes that run from USBПодробнее
Attack Surface Reduction Rule -13 | Block process creations originating from PSExec and WMI commandПодробнее
Attack Surface Reduction Rules | Rule 12 | Block persistence through WMI event subscriptionПодробнее
Attack Surface Reduction|Rule 11|Block Office communication application from creating child processПодробнее
Attack Surface Reduction | Rule 10 | Block Office application from injecting code into other processПодробнее
Attack Surface Reduction Rules | Rule 9 | Block Office applications from creating executable contentПодробнее
Attack Surface Reduction|Rule-6|Block executable file from running unless they meet a prevalence,ageПодробнее
Attack Surface Reduction Rules | Rule 5 | Block executable content from email client and webmailПодробнее
Attack Surface Reduction Rules | Rule 2 | Block Adobe Reader from creating child processesПодробнее
Attack Surface Reduction|Rules 8|Block JavaScript or VBScript from launching downloaded executableПодробнее
Attack Surface Reduction Rules | Rule 7 | Block execution of potentially obfuscated scriptsПодробнее
Attack Surface Reduction Rules| Rule 3 | Block all Office applications from creating child processesПодробнее
Attack Surface Reduction Rules | Rule 1 | Block abuse of exploited vulnerable signed driversПодробнее
Block Cred Dumps using Attack Surface Reduction Rules in WindowsПодробнее