Administrating Application Control v2.0.0
Users with an administrator persona can perform the tasks mentioned in this chapter in Application Control v2.0.0.
All the tasks described in this section are performed by users with the administrator role to install, configure, and remove BigFix Application Control v2.0.0.
- Create & Setup Self-Signed Certificate on Endpoint v2.0:
This task generates and configures a self-signed code-signing certificate on the endpoint for use with Windows Defender Application Control (WDAC).
- Deploy Default Microsoft Base Policy v2.0:
This task deploys a signed Windows Defender Application Control (WDAC) Base Policy on an endpoint using a secure and controlled workflow. The policy is selected from a list of Microsoft-recommended baseline policies and applied as the system’s active base policy.
- Deploy Custom Base Policy v2.0:
This task deploys a Custom Windows Defender Application Control (WDAC) Base Policy on the endpoint. The raw XML configuration for the policy must be provided before taking action.
- Deploy Supplemental Policy on Endpoint v2.0:
This task creates and deploys a signed Windows Defender Application Control (WDAC) supplemental policy on the endpoint using a controlled and secure approach. The supplemental policy is generated as a separate policy file and linked to an existing base policy using the provided Base Policy GUID.
- Refresh Self-Signed Certificate and Update Deployed Policies Signers on Endpoint v2.0:
This task automates the end-to-end renewal, signing, and deployment of Windows Defender Application Control (WDAC) policies to ensure policies remain active and securely signed.
- Refresh Thumbprint of Deployed Policies Signers on Endpoint v2.0:
This task automates taking the thumbprint of the new certificates and then signs them to ensure policies remain active and securely signed.
- Enforce Secure ACL on BAC Folder on Endpoint v2.0:
This task secures the BigFix Application Control (BAC) directory by enforcing strict access control and ownership settings.
- Generate Blocked WDAC Event Logs on Endpoint v2.0:
This task extracts Windows Defender Application Control (WDAC) / App Control block events from endpoint event logs for both audit and enforced modes, and generates a structured JSON report for analysis.
- Remove (Base/Supplemental) Policy from Endpoint v2.0:
This task manages Windows Defender Application Control (WDAC) policies on the endpoint by supporting both supplemental policy removal and a full base policy reset using a controlled and safe approach.
- Remove WDAC Components from Endpoint v2.0:
This task removes all the associated files and folders related to Windows Defender Application Control (WDAC).