Battle Edge Application Guard, who uses it and how do you have it configured?

Compare list
Microsoft Edge Application Guard

Lenny_Fox

Level 22
Thread author
Verified
Top Poster
Well-known
Oct 1, 2019
1,120
:) not much members seem to use it, I am wondering why (because it is such an excellent and easy to setup safe browsing sandbox)

I noticed an awkward similarity between the forum members which seem to use: they either have an animal in their (user) name or in their avatar :)
 
Last edited:
F

ForgottenSeer 85179

:) not much members seem to use it, I am wondering why (because it is such an excellent and easy to setup safe browsing sandbox)
This thread is open for less than one day. This can't be used for any statistic about usage.
Wait at least one week.

I use Application Guard and highly recommend it.
"Enhanced Graphic" is the only setting i use and i wouldn't recommend other's, as they reduce the security and privacy.
 

Ink

Administrator
Verified
Staff Member
Jan 8, 2011
22,490
Windows 10 Pro user, voting No.

Overview for Application Guard.

It might be useful for open office files, not so much for browser.
The good news, it's available.
The bad news, for Enterprise only.
 

ErzCrz

Level 21
Verified
Top Poster
Well-known
Aug 19, 2019
1,082
I've got the Windows 10 Home version so sadly no proper application guard.

Exploit wise, II still use @oldschool 's setup he got from @umbra originally:

Exploit Protection settings for browsers (thanks to @Umbra). These have broken anything yet, e.g. extensions crashing.
- for Brave, Edge and Firefox:

Block low integrity images - ON
Block remote images - ON
Block untrusted fonts - ON
Control flow guard (CFG) - ON
Data execution prevention (DEP) - ON + Enable thunk emulation - CHECKED
Disable extension points - ON
Force randomization for images (Mandatory ASLR) - ON + Do not allow stripped images - CHECKED
Randomize memory allocations (Bottom-up ASLR) - ON
Validate exception chains (SEHOP) - ON
Validate handle usage - ON
Validate heap integrity - ON
Validate image dependency integrity - ON

ADD for Edge Chromium only: Code integrity guard - ON (with or without Also allow images signed by M$ Store CHECKED)
________________________________

Mind you, I've been tinkering with other setups and testing out CIS with Firefox and Thunderbird rather than using everything Microsoft tells me to do. I'd love to see some recommended exploint tweaks done via Hard_configurator.
 
  • Like
Reactions: Venustus

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top