Device Guard
E831602
Device Guard is a Windows security feature that uses virtualization-based security and code integrity policies to ensure only trusted applications can run on a device.
All labels observed (1)
| Label | Occurrences |
|---|---|
| Device Guard canonical | 1 |
How this entity was disambiguated
This entity first appeared as the object of triple T9963326 — resolving that mention is where its identity was fixed. The disambiguator weighed these candidate entities and picked the highlighted one (or “None”, minting a new entity). This is how homonymy is resolved: the same surface form can point to different entities.
Target entity: Device Guard Context triple: [Windows Security app, integratesWith, Device Guard]
-
A.
Microsoft Defender for Identity
Microsoft Defender for Identity is a cloud-based security solution that uses on-premises Active Directory signals to detect, investigate, and respond to advanced identity-based threats in enterprise environments.
-
B.
Microsoft Defender for Endpoint
Microsoft Defender for Endpoint is an enterprise-grade endpoint security platform from Microsoft that provides advanced threat protection, detection, and response capabilities across organizational devices and networks.
-
C.
Windows Security app
The Windows Security app is a built-in Windows tool that centralizes and manages security features such as antivirus, firewall, and device protection settings.
-
D.
Windows Hello
Windows Hello is a biometric and PIN-based authentication feature in Windows that lets users securely sign in using facial recognition, fingerprints, or a device-specific PIN.
-
E.
Security Center
Security Center is a Windows XP component introduced to monitor and report the status of key security settings such as firewall, automatic updates, and antivirus protection.
- F. None of above. chosen
- G. Unsure - the case is ambiguous/there is not enough information to decide.
Target entity: Device Guard Target entity description: Device Guard is a Windows security feature that uses virtualization-based security and code integrity policies to ensure only trusted applications can run on a device.
-
A.
Microsoft Defender for Identity
Microsoft Defender for Identity is a cloud-based security solution that uses on-premises Active Directory signals to detect, investigate, and respond to advanced identity-based threats in enterprise environments.
-
B.
Microsoft Defender for Endpoint
Microsoft Defender for Endpoint is an enterprise-grade endpoint security platform from Microsoft that provides advanced threat protection, detection, and response capabilities across organizational devices and networks.
-
C.
Windows Security app
The Windows Security app is a built-in Windows tool that centralizes and manages security features such as antivirus, firewall, and device protection settings.
-
D.
Windows Hello
Windows Hello is a biometric and PIN-based authentication feature in Windows that lets users securely sign in using facial recognition, fingerprints, or a device-specific PIN.
-
E.
Security Center
Security Center is a Windows XP component introduced to monitor and report the status of key security settings such as firewall, automatic updates, and antivirus protection.
- F. None of above. chosen
Statements (36)
| Predicate | Object |
|---|---|
| instanceOf |
Windows security feature
ⓘ
virtualization-based security feature ⓘ |
| aimsTo |
ensure only trusted applications can run
ⓘ
protect the operating system from untrusted code ⓘ reduce malware risk ⓘ |
| componentOf | Windows security stack NERFINISHED ⓘ |
| configuredBy |
Group Policy
NERFINISHED
ⓘ
PowerShell NERFINISHED ⓘ |
| developedBy | Microsoft ⓘ |
| documentationURL | https://learn.microsoft.com/windows/security/threat-protection/device-guard/device-guard-deployment-guide ⓘ |
| enforces |
kernel-mode code integrity
ⓘ
user-mode code integrity ⓘ |
| introducedIn | Windows 10 NERFINISHED ⓘ |
| operatingSystem |
Windows 10
NERFINISHED
ⓘ
Windows Server 2016 NERFINISHED ⓘ |
| policyMode | whitelisting ⓘ |
| policyType | code integrity policy ⓘ |
| protects |
system from running untrusted binaries
ⓘ
system from unapproved applications ⓘ system from unauthorized drivers ⓘ |
| relatedTo |
AppLocker
NERFINISHED
ⓘ
Credential Guard NERFINISHED ⓘ Windows Defender Application Control NERFINISHED ⓘ |
| requires |
Secure Boot
NERFINISHED
ⓘ
TPM ⓘ UEFI firmware ⓘ virtualization support in CPU ⓘ |
| status | superseded branding by Windows Defender Application Control in later Windows 10 versions ⓘ |
| supports |
audit mode
ⓘ
enforced mode ⓘ signed code integrity policies ⓘ |
| targetEnvironment | enterprise Windows deployments ⓘ |
| targetUser | enterprise administrators ⓘ |
| usesTechnology |
Hyper-V
NERFINISHED
ⓘ
code integrity policies ⓘ virtualization-based security ⓘ |
How these facts were elicited
The pipeline generated the facts above by prompting gpt-5.1 with this entity's name + description and the instruction below.
You are a knowledge base construction expert. Given a subject entity and a description of it, return factual statements that you know for the subject as a JSON list of dictionaries(triples), where keys must be "subject", "predicate" and "object". The number of facts may be very high, between 25 to 50 or more, for very popular subjects. For less popular subjects, the number of facts can be very low, like 5 or 10. # Requirements - If you don't know the subject at all, return an empty list. - If the subject is not a named entity, return an empty list. - Include at least one triple where predicate is "instanceOf". - Do not get too wordy. - Separate several objects into multiple triples with one object.
Subject: Device Guard Description of subject: Device Guard is a Windows security feature that uses virtualization-based security and code integrity policies to ensure only trusted applications can run on a device.
Referenced by (1)
Full triples — surface form annotated when it differs from this entity's canonical label.