Skip to content

Attack Surface Reduction Rules | Harden System Security

Attack surface reduction rules - Harden Windows Security GitHub repository

Blue Check mark denoting Group Policy Attack surface reduction rules target certain software behaviors, such as: Rotating green checkmark denoting CSP CSP

  • Launching executable files and scripts that attempt to download or run files
  • Running obfuscated or otherwise suspicious scripts
  • Performing behaviors that apps don't usually initiate during normal day-to-day work

Such software behaviors are sometimes seen in legitimate applications. However, these behaviors are often considered risky because they are commonly abused by attackers through malware. Attack surface reduction rules can constrain software-based risky behaviors and help keep your organization safe.

Reducing your attack surface means protecting your devices and network, which leaves attackers with fewer ways to perform attacks. Configuring attack surface reduction rules in Windows can help!

Tip

all 19 available Attack Surface Reduction rules shown in the official chart will be enabled. The Harden System Security application also allows you to individually configure each Attack Surface Reduction rule.