Advice Request How to test Defender Application Guard on untrusted sites?

Please provide comments and solutions that are helpful to the author of this topic.

HarborFront

Level 72
Thread author
Verified
Top Poster
Content Creator
Oct 9, 2016
6,139
Should I

1) Open WDAG first then go to the site in its address bar?
2) Straight away open the site in Edge and WDAG will automatically detect and runs the untrusted site in it. Otherwise, it'll run normally in Edge if it's a trusted site.

Firstly, how to know a site is untrusted? Is it all the sites in your Favorites considered as trusted? Any untrusted sites to test? Is untrusted site the same as non-secured site i.e. sites with http?
 
Last edited:
F

ForgottenSeer 94654

Should I

1) Open WDAG first then go to the site in its address bar?
2) Straight away open the site in Edge and WDAG will automatically detect and runs the untrusted site in it. Otherwise, it'll run normally in Edge if it's a trusted site.

Firstly, how to know a site is untrusted? Is it all the sites in your Favorites considered as trusted? Any untrusted sites to test? Is untrusted site the same as non-secured site i.e. sites with http?
 

HarborFront

Level 72
Thread author
Verified
Top Poster
Content Creator
Oct 9, 2016
6,139
Yes, I have read that. In essence you need to

1 open WDAG, then
2. go to the site

The question I want to know is how do you know the site you want to go to is an untrusted site?

My thinking was first you open normal Edge. Then go to a site. If the site is detected as untrusted WDAG would be activated and the site isolated to run in it. If the site is trusted then it'll run in normal Edge
 

Mjolnir

Level 2
Verified
Jul 4, 2019
69
Which sites are considered as untrusted is usually established by your IT admin in group policy.

"For Microsoft Edge, Application Guard helps to isolate ENTERPRISE-defined untrusted sites, protecting your company while your employees browse the Internet. As an enterprise administrator, YOU define what is among trusted web sites, cloud resources, and internal networks. Everything not on your list is considered untrusted. "

 

HarborFront

Level 72
Thread author
Verified
Top Poster
Content Creator
Oct 9, 2016
6,139
Which sites are considered as untrusted is usually established by your IT admin in group policy.

"For Microsoft Edge, Application Guard helps to isolate ENTERPRISE-defined untrusted sites, protecting your company while your employees browse the Internet. As an enterprise administrator, YOU define what is among trusted web sites, cloud resources, and internal networks. Everything not on your list is considered untrusted. "

I'm talking for home users.
 
F

ForgottenSeer 94654

Yes, I have read that. In essence you need to

1 open WDAG, then
2. go to the site

The question I want to know is how do you know the site you want to go to is an untrusted site?

My thinking was first you open normal Edge. Then go to a site. If the site is detected as untrusted WDAG would be activated and the site isolated to run in it. If the site is trusted then it'll run in normal Edge
WDAG is just another security "solution" passed-down to consumer versions of Windows by Microsoft with no real explanation to the consumer as to how it is intended or supposed to work.
 
Last edited by a moderator:
  • Like
Reactions: HarborFront

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,508
I do not think so. MDAG (WDAG) is a simple solution - it is simpler than many safe browsers from AV suites. The Microsoft documentation is rather clear and comprehensive:
There are many online resources available via Google. The problem is rather a low popularity of MDAG (WDAG), because it does not work on Windows Home and it runs Edge browser.
 
  • Like
Reactions: HarborFront

HarborFront

Level 72
Thread author
Verified
Top Poster
Content Creator
Oct 9, 2016
6,139
I do not think so. MDAG (WDAG) is a simple solution - it is simpler than many safe browsers from AV suites. The Microsoft documentation is rather clear and comprehensive:
There are many online resources available via Google. The problem is rather a low popularity of MDAG (WDAG), because it does not work on Windows Home and it runs Edge browser.
That article states

Quote

As an enterprise administrator, you define what is among trusted web sites, cloud resources, and internal networks. Everything not on your list is considered untrusted.

Unquote

On the enterprise level the admin is able to do that but not as a home user. Basically, all my favorites are trusted.

Now I understand. WDAG works similarly like SB/VB without a whitelist of trusted sites but at a different level. Unlike Comodo sandbox which has a whitelist of trusted sites.

Thanks guys
 
  • Like
Reactions: Andy Ful
F

ForgottenSeer 94654

That article states

Quote

As an enterprise administrator, you define what is among trusted web sites, cloud resources, and internal networks. Everything not on your list is considered untrusted.

Unquote

On the enterprise level the admin is able to do that but not as a home user. Basically, all my favorites are trusted.

Now I understand. WDAG works similarly like SB/VB without a whitelist of trusted sites but at a different level. Unlike Comodo sandbox which has a whitelist of trusted sites.

Thanks guys
Exactly. The doc is written for enterprise admins, and not home users. Not to mention that WDAG (now MDAG) was released in 2016 and yet Microsoft did not put up a doc for it online until 10\2021 - almost 5 years later.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top