Introduction to Attack Surface Reduction Rules Attack Surface Reduction (ASR) rules are a set of targeted security policies in Windows Defender on Windows Server 2019 that block specific behaviors commonly used by malware and attackers—without requiring signature-based detection. ASR rules target abuse of Office macros, script execution techniques, credential theft from LSASS, exploitation of email […]
Introduction to Exploit Protection Exploit Protection is a Windows Defender feature in Windows Server 2019 that applies exploit mitigation techniques to operating system processes and individual applications. It is the successor to Enhanced Mitigation Experience Toolkit (EMET) and provides a comprehensive set of memory protection, code execution prevention, and anti-exploit technologies. Exploit Protection mitigations make […]
Introduction to Windows Defender Application Control Windows Defender Application Control (WDAC) is Microsoft’s next-generation application control technology, introduced in Windows 10 and fully supported on Windows Server 2019. Unlike AppLocker, which operates in user space, WDAC policies are enforced by the Windows kernel and can be protected by Virtualization-Based Security (HVCI). WDAC supersedes Device Guard […]
Introduction to AppLocker AppLocker is an application whitelisting feature in Windows Server 2019 (Enterprise and later editions) that allows administrators to control which applications, scripts, installers, and DLLs are allowed to run based on configurable rules. Unlike software restriction policies (its predecessor), AppLocker is rule-based, auditable, and can be managed through Group Policy and PowerShell. […]
Introduction to Device Guard Device Guard is a set of hardware and software security features in Windows Server 2019 that locks down a device to run only trusted applications and drivers. It consists of two main components: Virtualization-Based Code Integrity (HVCI, also called Memory Integrity), which uses Hyper-V to protect the kernel from unsigned or […]
Introduction to Credential Guard Credential Guard is a Windows 10/Server 2019 virtualization-based security feature that isolates credential storage from the main operating system. Traditionally, the Local Security Authority Subsystem Service (LSASS) stores and manages credentials including NTLM password hashes, Kerberos tickets, and cleartext passwords (in some configurations). If an attacker gains kernel-level access or exploits […]
Introduction to NTLM Security NTLM (NT LAN Manager) is a challenge-response authentication protocol used by Windows when Kerberos is not available—for example when accessing resources by IP address instead of hostname, in workgroup environments, or when connecting to legacy systems. While Kerberos is the preferred protocol, NTLM is still present in virtually all Windows environments […]
Introduction to Kerberos Authentication Kerberos is the default authentication protocol for Windows domain environments. Introduced with Windows 2000 and continually improved in Windows Server 2019, Kerberos provides mutual authentication—both the client and the server verify each other’s identity—and uses tickets rather than transmitting passwords over the network. Understanding Kerberos is essential for troubleshooting authentication failures, […]
Introduction to Multi-Factor Authentication Multi-Factor Authentication (MFA) requires users to provide two or more verification factors before gaining access: something they know (password), something they have (phone, hardware token, smart card), or something they are (biometrics). Implementing MFA on Windows Server 2019 dramatically reduces the risk of credential-based attacks—even if a password is stolen, an […]
Introduction to Split Tunneling Split tunneling is a VPN configuration where only traffic destined for corporate resources is routed through the encrypted VPN tunnel, while internet traffic goes directly from the client through its local internet connection. Without split tunneling (full tunneling), all client traffic—including YouTube, Windows Update, and personal browsing—travels through the corporate VPN […]
Progressive Robot: Your Gateway to Comprehensive IT Solutions — Specializing in Web Development, Mobile App Development, and Expert IT Services.
© All Copyright by Progressiverobot.com
VAT Number ( 506152326 )
