Windows Defender Application Control design guide

Applies to

  • Windows 10
  • Windows Server

This guide covers design and planning for Windows Defender Application Control (WDAC). It is intended to help security architects, security administrators, and system administrators create a plan that addresses specific application control requirements for different departments or business groups within an organization.

In this section

Topic Description
Understand WDAC policy design decisions This topic lists the design questions, possible answers, and ramifications of the decisions when you plan a deployment of application control policies.
Select the types of rules to create This topic lists resources you can use when selecting your application control policy rules by using WDAC.
Plan for WDAC policy management This topic describes the decisions you need to make to establish the processes for managing and maintaining WDAC policies.
Create your WDAC planning document This planning topic summarizes the information you need to research and include in your planning document.

After planning is complete, the next step is to deploy WDAC. The Windows Defender Application Control Deployment Guide covers the creation and testing of policies, deploying the enforcement setting, and managing and maintaining the policies.