Windows Defender Application Control Wizard

Applies to:

  • Windows 10
  • Windows Server 2016 and above

The Windows Defender Application Control (WDAC) policy Wizard is an open source Windows desktop application written in C# and bundled as an MSIX package. The Wizard was built to provide security architects, security and system administrators with a more user-friendly means to create, edit, and merge WDAC policies. The Wizard desktop application uses the ConfigCI PowerShell Cmdlets in the backend so the output policy of the Wizard and PowerShell cmdlets is identical.

Downloading the application

The WDAC Wizard can be downloaded from the official Wizard installer website as an MSIX packaged application. The Wizard's source code is available as part of Microsoft's Open Source Software offerings on GitHub at the WDAC Wizard Repo.

Supported Clients

As the WDAC Wizard uses the cmdlets in the background, the Wizard is functional on clients only where the cmdlets are supported as outlined in WDAC feature availability. Specifically, the tool will verify that the client meets one of the following requirements:

  • Windows builds 1909+
  • For pre-1909 builds, the Enterprise SKU of Windows is installed

If neither requirement is satisfied, the Wizard will throw an error as the cmdlets are not available.

In this section

Topic Description
Creating a new base policy This article describes how to create a new base policy using one of the supplied policy templates.
Creating a new supplemental policy This article describes the steps necessary to create a supplemental policy, from one of the supplied templates, for an existing base policy.
Editing a base or supplemental policy This article demonstrates how to modify an existing policy and the Wizard's editing capabilities.
Merging policies This article describes how to merge policies into a single application control policy.