Skip to content

Introduction

What is Application Control for Business?

App Control for Business introduction


Application control is crucial for protecting computer systems in today's threat landscape and offers a distinct advantage over traditional antivirus solutions. Specifically, application control uses tailored access, shifting from a model where all applications are assumed trustworthy to one where applications must earn trust before they can run.

Devices where Application Control policies are deployed on can either be centrally managed via MDM, Intune etc. or they can be home devices, devices that are private and don't belong to any organization, the computer of someone that you want to keep very much safe and secure so that even the device's owner can't willingly or forcefully compromise themselves, the possibilities are endless.


Important

Use AppControl Manager for all of your Application Control and Code Integrity management needs. It is scalable, easy to use, enterprise-ready, Azure VM ready and more importantly, it is free, open-source and always will be that way.


App Control puts the power of security directly in your hands, giving you complete control over your system and the systems you manage. Unlike other solutions that create dependency on other people, App Control eliminates the need to constantly chase and block new malware variants. Once you configure your system and define the apps and files that are permitted to run, everything else is automatically blocked.

It's time to shift from a reactive approach to a proactive one.


Application Control Usage Levels

There are many ways you can utilize Application Control features and here they are sorted by the level of restriction and protection they provide; From top (having the least restriction and protection) to bottom (having the most restriction and protection).

  1. Use Microsoft recommended driver block rules.

  2. Update Microsoft recommended driver block rules outside of the twice a year schedule.

  3. Use Microsoft recommended block rules + Recommended driver block rules
    • Use the AppControl Manager to easily deploy the User-Mode Microsoft recommended block rules on your system.
  4. Create WDAC policy for Lightly managed devices
  5. Use Smart App Control
    • It's just a toggle in Windows Security under App & Browser control. It uses a special kind of WDAC policy that provides more protection than a lightly managed workstation but less protection than a fully managed workstation.
    • It uses both of Microsoft's recommended block rules.
  6. Use Smart App Control + Strict Kernel-Mode WDAC Policy
  7. Create WDAC policy for Fully managed devices


Plan for App Control for Business lifecycle policy management

Microsoft provides the following official document to understand the decisions you need to make to establish the processes for managing and maintaining Application Control policies. The rest of them are mentioned below at the Resources section.


Documents