Credential Guard
E831603
Credential Guard is a Windows security feature that uses virtualization-based isolation to protect credentials from theft by malware and other attacks.
All labels observed (1)
| Label | Occurrences |
|---|---|
| Credential Guard canonical | 1 |
How this entity was disambiguated
This entity first appeared as the object of triple T9963327 — resolving that mention is where its identity was fixed. The disambiguator weighed these candidate entities and picked the highlighted one (or “None”, minting a new entity). This is how homonymy is resolved: the same surface form can point to different entities.
Target entity: Credential Guard Context triple: [Windows Security app, integratesWith, Credential Guard]
-
A.
Microsoft Defender for Identity
Microsoft Defender for Identity is a cloud-based security solution that uses on-premises Active Directory signals to detect, investigate, and respond to advanced identity-based threats in enterprise environments.
-
B.
Secure Enclave
Secure Enclave is Apple’s dedicated coprocessor for handling sensitive tasks like encryption and biometric data storage in a secure, isolated environment.
-
C.
Privileged Identity Management
Privileged Identity Management is a Microsoft security service that provides just-in-time, approval-based, and time-limited access to sensitive roles and resources to reduce the risks associated with standing administrative privileges.
-
D.
Windows NT security model
The Windows NT security model is a comprehensive, enterprise-oriented access control and authentication framework used by Windows operating systems to manage user rights, permissions, and system protection.
-
E.
System Integrity Protection
System Integrity Protection is a macOS security technology that restricts even administrative users and processes from modifying critical system files and resources to protect the operating system from malware and accidental damage.
- F. None of above. chosen
- G. Unsure - the case is ambiguous/there is not enough information to decide.
Target entity: Credential Guard Target entity description: Credential Guard is a Windows security feature that uses virtualization-based isolation to protect credentials from theft by malware and other attacks.
-
A.
Microsoft Defender for Identity
Microsoft Defender for Identity is a cloud-based security solution that uses on-premises Active Directory signals to detect, investigate, and respond to advanced identity-based threats in enterprise environments.
-
B.
Secure Enclave
Secure Enclave is Apple’s dedicated coprocessor for handling sensitive tasks like encryption and biometric data storage in a secure, isolated environment.
-
C.
Privileged Identity Management
Privileged Identity Management is a Microsoft security service that provides just-in-time, approval-based, and time-limited access to sensitive roles and resources to reduce the risks associated with standing administrative privileges.
-
D.
Windows NT security model
The Windows NT security model is a comprehensive, enterprise-oriented access control and authentication framework used by Windows operating systems to manage user rights, permissions, and system protection.
-
E.
System Integrity Protection
System Integrity Protection is a macOS security technology that restricts even administrative users and processes from modifying critical system files and resources to protect the operating system from malware and accidental damage.
- F. None of above. chosen
Statements (47)
| Predicate | Object |
|---|---|
| instanceOf |
Windows security feature
ⓘ
credential protection technology ⓘ |
| availableInEdition |
Windows 10 Education
NERFINISHED
ⓘ
Windows 10 Enterprise NERFINISHED ⓘ Windows 11 Education NERFINISHED ⓘ Windows 11 Enterprise NERFINISHED ⓘ |
| category |
Windows security
NERFINISHED
ⓘ
identity protection ⓘ |
| componentOf | Windows Defender Credential Guard NERFINISHED ⓘ |
| configuredBy |
Group Policy
NERFINISHED
ⓘ
registry settings ⓘ |
| developedBy | Microsoft ⓘ |
| documentationURL | https://learn.microsoft.com/windows/security/identity-protection/credential-guard/credential-guard ⓘ |
| enhances | enterprise security ⓘ |
| introducedIn | Windows 10 Enterprise NERFINISHED ⓘ |
| isolates |
LSASS secrets
ⓘ
Local Security Authority Subsystem Service credentials ⓘ |
| mitigates | credential dumping tools ⓘ |
| notAvailableInEdition |
Windows 10 Home
NERFINISHED
ⓘ
Windows 10 Pro (some scenarios) NERFINISHED ⓘ |
| operatingSystem |
Windows 10
NERFINISHED
ⓘ
Windows 11 NERFINISHED ⓘ Windows Server NERFINISHED ⓘ |
| prevents | direct LSASS memory scraping ⓘ |
| protects |
Kerberos Ticket Granting Tickets
ⓘ
NTLM password hashes ⓘ credentials ⓘ domain credentials ⓘ |
| protectsFrom |
advanced persistent threats
ⓘ
credential theft attacks ⓘ malware ⓘ pass-the-hash attacks ⓘ pass-the-ticket attacks ⓘ |
| relatedTo |
Device Guard
NERFINISHED
ⓘ
Windows Defender Application Control NERFINISHED ⓘ |
| requires |
64-bit architecture
ⓘ
IOMMU ⓘ Secure Boot NERFINISHED ⓘ UEFI firmware ⓘ virtualization extensions ⓘ |
| scope |
Azure AD-joined machines
ⓘ
domain-joined machines ⓘ |
| securityModel | least privilege for credential access ⓘ |
| storesSecretsIn | isolated virtualized environment ⓘ |
| usesTechnology |
Hyper-V
NERFINISHED
ⓘ
Virtual Secure Mode NERFINISHED ⓘ virtualization-based security ⓘ |
How these facts were elicited
The pipeline generated the facts above by prompting gpt-5.1 with this entity's name + description and the instruction below.
You are a knowledge base construction expert. Given a subject entity and a description of it, return factual statements that you know for the subject as a JSON list of dictionaries(triples), where keys must be "subject", "predicate" and "object". The number of facts may be very high, between 25 to 50 or more, for very popular subjects. For less popular subjects, the number of facts can be very low, like 5 or 10. # Requirements - If you don't know the subject at all, return an empty list. - If the subject is not a named entity, return an empty list. - Include at least one triple where predicate is "instanceOf". - Do not get too wordy. - Separate several objects into multiple triples with one object.
Subject: Credential Guard Description of subject: Credential Guard is a Windows security feature that uses virtualization-based isolation to protect credentials from theft by malware and other attacks.
Referenced by (1)
Full triples — surface form annotated when it differs from this entity's canonical label.