A collection of DSC resources to manage security mitigations in Windows Defender Security Center
Please check out common DSC Resources contributing guidelines.
- ProcessMitigation: Leverages the ProcessMitigations module in (Windows 10 v1709 and newer) to manage process mitigation policies.
- MitigationTarget: Name of the process to apply mitigation settings to.
- MitigationType: Type of mitigation to apply to process.
- MitigationName: Name of mitigation to apply to process.
- MitigationValue: Value of mitigation to apply to process (true/false).
- Update WindowsDefenderDSC place temporary xml in systemroot
- Update WindowsDefenderDSC to work with PowerShell7
- Update WindowsDefenderDSC Get-TargetResource to return a hashtable
- Update WindowsDefenderDSC to use export current state as XML for all settings.
- Intiial release with the following resources:
- ProcessMitigation
In the following example configuration, the Non System fonts are disabled on Firefox.exe, while Control Flow Gaurd is enabled on msfeedssync.exe.
configuration SYSTEM_MSFeedSync
{
Import-DscResource -ModuleName WindowsDefenderDsc
node localhost
{
ProcessMitigation Firefox
{
MitigationTarget = 'firefox.exe'
MitigationType = 'fonts'
MitigationName = 'DisableNonSystemFonts'
MitigationValue = 'true'
}
ProcessMitigation msfeedssync
{
MitigationTarget = 'msfeedssync.exe'
MitigationType = 'ControlFlowGaurd'
MitigationName = 'Enable'
MitigationValue = 'true'
}
}
}
SYSTEM_MSFeedSync -OutputPath 'C:\DSC'
Start-DscConfiguration -Path 'C:\DSC' -Wait -Force -Verbose