My setup is aiming to be as lightweight and as conflict free as possible.
- Hardware health > Software health. This setup has low CPU, low RAM, low disk and low bandwidth usage. Fast boot speed. Security software should not run at the cost of hardware. There's no need to compromise.
- Something that will work with all types of software (translate: great for gaming even with mods). Software that is very old, software that is brand new, mods, apps, tools, and tweaks, signed or unsigned. Good security software should be able to tell what is good and what isn't.
1. Only using my standard user account and being smart and careful about what I download and where it's from.
2. Group policy settings and software/OS/driver updates are my #1 way to harden Windows.
3. Anti-Malware with a great behavior blocker and Exploit mitigations block unwanted/malicious software.
4. Hardware firewall and HOSTs file block unwanted connections system wide, and browser extensions and tweaks block all unwanted connections in their browsers.