Device Guard

E831602

Windows security feature virtualization-based security feature

Device Guard is a Windows security feature that uses virtualization-based security and code integrity policies to ensure only trusted applications can run on a device.

Try in SPARQL Jump to: Statements Referenced by

Statements (36)

Predicate	Object
instanceOf	Windows security feature ⓘ virtualization-based security feature ⓘ
aimsTo	ensure only trusted applications can run ⓘ protect the operating system from untrusted code ⓘ reduce malware risk ⓘ
componentOf	Windows security stack NERFINISHED ⓘ
configuredBy	Group Policy NERFINISHED ⓘ PowerShell NERFINISHED ⓘ
developedBy	Microsoft ⓘ
documentationURL	https://learn.microsoft.com/windows/security/threat-protection/device-guard/device-guard-deployment-guide ⓘ
enforces	kernel-mode code integrity ⓘ user-mode code integrity ⓘ
introducedIn	Windows 10 NERFINISHED ⓘ
operatingSystem	Windows 10 NERFINISHED ⓘ Windows Server 2016 NERFINISHED ⓘ
policyMode	whitelisting ⓘ
policyType	code integrity policy ⓘ
protects	system from running untrusted binaries ⓘ system from unapproved applications ⓘ system from unauthorized drivers ⓘ
relatedTo	AppLocker NERFINISHED ⓘ Credential Guard NERFINISHED ⓘ Windows Defender Application Control NERFINISHED ⓘ
requires	Secure Boot NERFINISHED ⓘ TPM ⓘ UEFI firmware ⓘ virtualization support in CPU ⓘ
status	superseded branding by Windows Defender Application Control in later Windows 10 versions ⓘ
supports	audit mode ⓘ enforced mode ⓘ signed code integrity policies ⓘ
targetEnvironment	enterprise Windows deployments ⓘ
targetUser	enterprise administrators ⓘ
usesTechnology	Hyper-V NERFINISHED ⓘ code integrity policies ⓘ virtualization-based security ⓘ

Referenced by (1)

Full triples — surface form annotated when it differs from this entity's canonical label.

Windows Security app → integratesWith → Device Guard ⓘ