Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/simeononsecurity/Windows-Defender-Hardening
Take advantage of some more advanced Windows Defender settings.
https://github.com/simeononsecurity/Windows-Defender-Hardening
automation powershell powershell-script windows windows-defender
Last synced: 27 days ago
JSON representation
Take advantage of some more advanced Windows Defender settings.
- Host: GitHub
- URL: https://github.com/simeononsecurity/Windows-Defender-Hardening
- Owner: simeononsecurity
- License: mit
- Created: 2020-11-15T09:11:26.000Z (almost 4 years ago)
- Default Branch: main
- Last Pushed: 2024-07-26T23:01:19.000Z (about 2 months ago)
- Last Synced: 2024-07-27T00:20:05.847Z (about 2 months ago)
- Topics: automation, powershell, powershell-script, windows, windows-defender
- Language: PowerShell
- Homepage: https://simeononsecurity.com/github/Windows-Defender-Hardening
- Size: 1.48 MB
- Stars: 54
- Watchers: 3
- Forks: 9
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- Funding: .github/FUNDING.yml
- License: LICENSE
Awesome Lists containing this project
README
# Windows-Defender-Hardening
[](https://github.com/sponsors/simeononsecurity) [](https://github.com/simeononsecurity/Windows-Defender-Hardening/actions/workflows/virustotal.yml)
This script is for Windows Defender security configurations and feature enabling. It begins by elevating privileges and setting the directory to the script's root. The script then copies necessary files to the supported directories and sets process mitigations. It enables various Windows Defender features such as real-time monitoring, cloud-delivered protection, sample submission, behavior monitoring, script scanning, removable drive scanning, and others. The script also sets preferences for various protection mechanisms and parsings. The script outputs status messages for each step, ensuring the user is aware of what actions are being taken.
## What does this script do?
- Enables Cloud-delivered Protections
- Enables Controlled Folder Access
- Enables Network Protections
- Enables Intrusion Prevention System
- [Enables Windows Defender Application Control Policies](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control)
- [Enables Windows Defender Attack Surface Reduction Rules](https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/attack-surface-reduction)
- [Enables Windows Defender Exploit Protections](https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/enable-exploit-protection?view=o365-worldwide#powershell)
- Implements all requirements listed in the [Windows Defender Antivirus STIG V2R1](https://dl.cyber.mil/stigs/zip/U_MS_Windows_Defender_Antivirus_V2R1_STIG.zip)
## Requirements:
- [x] Windows 10 Enterprise (**Preferred**) or Windows 10 Professional
- Windows 10 Home does not allow for GPO configurations or [ASR](https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/attack-surface-reduction).
Though most of these configurations will still apply.
- Windows 10 "N" Editions are not tested.
## Recommended reading:
- [Microsoft - WDSI Defender Updates](https://www.microsoft.com/en-us/wdsi/defenderupdates)
## Download the required files:
Download the required files from the [GitHub Repository](https://github.com/simeononsecurity/Windows-Defender-STIG-Script)
## How to run the script:
**The script may be lauched from the extracted GitHub download like this:**
```
.\sos-windowsdefenderhardening.ps1
```
## Learn more about [Hardening Windows Defender](https://simeononsecurity.com/github/Windows-Defender-Hardening)
Explore the World of Cybersecurity
### Links:
- #### [github.com/simeononsecurity](https://github.com/simeononsecurity)
- #### [simeononsecurity.com](https://simeononsecurity.com)