Thanks. It is a nice article that is close to my understanding of the preventive role of SRP nowadays. Many people prefer it for usability over AppLocker (which uses the same APIs but has got a stronger design).The admin author gives Microsoft's very reason for implementing SRP back in 2002. SRP is soooo amazing that it is the most robust protection to this very day on Windows with Microsoft working on new iterations.
The Microsoft Software Restriction Policy (SRP) is often overlooked, given perceived potential impact on applications. Adam Mansour on how SRP can help.www.intelligonetworks.com
" Right now is usually when I get the most push back on the strategy. You see, vendors of security software have for years positioned their products as “Smart Enough” to catch this behavior. Don’t worry which ones either—they are all guilty of it. Email Anti-Spam, Anti-Virus, Firewalls, you name it. Put “Next-Gen” in front of the name and they’ll go on about how many times their solution stopped such behaviors. They conveniently leave out that no matter who they are or the technique they use they don’t work 100% of the time. So, let’s talk about the times they don’t: because that’s when the software restriction policy is going to save you. "