How to Use Windows Server vNext to Create a Code Signing Certificate for a WDAC Policy and Deploy It




This video shows how to install Windows Server Insider vNext, install Active Directory Domain Services (AD DS) and Active Directory Certificate Services (AD CS), and create a code signing certificate for Windows Defender Application Control (WDAC), or Application Control for Business, using the Enterprise CA role. We then use the WDACConfig module to demonstrate creating, signing and deploying a signed WDAC policy on the same server.

Please check out the GitHub page for full info and documentation:
https://github.com/HotCakeX/Harden-Windows-Security/wiki/How-to-Create-and-Deploy-a-Signed-WDAC-Policy-Windows-Defender-Application-Control

By deploying a signed Windows Defender Application Control policy, a system will be secure and resistant to any form of tampering (if coupled with BitLocker and other built-in security features), so that even the system administrator can’t tamper with or disable this security policy.

The only way to turn off, modify, update or disable this security feature is to have access to the certificate used to sign the policy and that certificate’s private keys.

GitHub: https://github.com/HotCakeX/Harden-Windows-Security
PowerShell Gallery: https://www.powershellgallery.com/packages/WDACConfig/

Video Thumbnail Created Using Microsoft Designer: https://designer.microsoft.com