Advanced Plus Security Kamiloxf Security Config 2026

Last updated
Jun 11, 2026
How it's used?
For home and private use
Operating system
Windows 11
Other operating system
24H2
On-device encryption
N/A
Log-in security
    • Hardware security key
    • Biometrics (Windows Hello PIN, TouchID, Face, Iris, Fingerprint)
Security updates
Check for updates and Notify
Update channels
Allow stable updates only
User Access Control
Notify me only when programs try to make changes to my computer
Smart App Control
Off
Network firewall
Enabled
About WiFi router
MIKROTIK CHATEAU LTE18 AX + Sophos XG Firewall Home Editon with SSL Inspection
Real-time security
crowdstrike.png
Firewall security
Other - Next-generation Firewall (NGFW)
About custom security
- Firewall Hardening (Blocking outbound connections of LOLBins and Geo IP blocking Russian Federation, China, NorthKorea)
- O&O ShutUp++ (recomended settings)
- Core Isolation only enabled Microsoft Vulnerable Driver Blocklist
- Vulnerability scanner: Nessus Essentials
System Settings:
- Autoplay disabled
- Hide extensions for know file type - disabled
- Show hidden files - enabled
- Virtualization enabled
- Windows Update Delivery Optimization disabled
- Browser extensions forced using ManageEngine Endpoint Central - Browser Control Plus module with blocked option to add your own from outside the admin console (Appropriate registry keys are read only)
- Just in Time Admin
Periodic malware scanners
Sophos Scan&Clean
Malwarebytes Free
Eset Online Scanner
Emsisoft Emergancy Kit
Malware sample testing
I do participate in malware testing. See details about my testing environment below.
Environment for malware testing
VMWare Workstation Player
Windows 11 Enterprise
Configuration
- Defender disabled with: Defender Remover
- Admin Privileges
Install Software
- Notepad++
- Java
- Firefox
- MS Office 2010 H&S
- eMClient
- Random file on desktop
- Adobe Reader
- SysInternalsSuite
- LibreOffice 6.0
- Python environment
Sanboxie Plus (Main OS)
VM on Nas Windows 7 Enterprise
Browser(s) and extensions
Mozilla Firefox
- Ublock Origin
- Proton Pass
- Helios Web Marshall
Secure DNS
ControlD
Desktop VPN
NordVPN
Password manager
Proton Pass Premium
Maintenance tools
ManageEngine Endpoint Central (Patch Managment + Much much more )
Revo Unsinstaller portable
Own cleaning script
File and Photo backup
Synology DS420+
Subscriptions
    • Apple iCloud+ 200GB
    • Microsoft 365 Family 6TB
System recovery
Synology Active Backup for Business
Risk factors
    • Browsing to popular websites
    • Browsing to unknown / untrusted / shady sites
    • Working from home
    • Making audio/video calls
    • Opening email attachments
    • Buying from online stores, entering banks card details
    • Logging into my bank account
    • Downloading software and files from reputable sites
    • Downloading software and files from unknown / untrusted / shady sites
    • Requesting and accepting remote access
    • Gaming
    • Streaming audio/video content from trusted sites or paid subscriptions
    • Downloading malware samples
Computer specs
None
What I'm looking for?

Looking for medium feedback.

2026 Update:
1) SentinelOne has been replaced with CrowdStrike.
2) Helios Web Marshall has been added as a protection mechanism against malicious websites at the endpoint level.
3) 1Password has been replaced with Proton Pass Premium.
4) I have discontinued the use of separate Standard and Administrator accounts in favor of a single account protected by the Just-in-Time (JiT) Privilege mechanism (EPM).
5) Microsoft Edge has been replaced with Mozilla Firefox.
 
  • Like
  • Applause
Reactions: Gandalf_The_Grey, Shadowra and harlan4096

You may also like...