7 Managing Attack Surface Reduction for Windows

Attack surface reduction (ASR) refers to a group of capabilities that (wait for it!) reduce the attack surface of your devices by limiting their known areas of weakness. ASR first made its way to Windows 10 with feature update 1709, branded as Exploit Guard. You will still see this term referenced in some UIs and literature. In general, the term ASR has superseded it.

In this chapter, we will cover ASR capabilities for Windows that MDE customers have available:

ASR rules
Controlled folder access
Exploit protection
Network protection, including SmartScreen and web protection

Combined, ASR capabilities minimize the risk your device faces against threats such as zero days, exploits, and unauthorized ...

Get Mastering Microsoft 365 Defender now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Mastering Microsoft 365 Defender by Ru Campbell, Viktor Hedberg

7

Managing Attack Surface Reduction for Windows

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly