Advanced Plus Security Trooper's 2022 Security Configuration

[Trooper]

It's been awhile since I have posted one of these. Figured I'd give it another go.

EDIT: UAC now set to Max.

 

[harlan4096]

Periodic security scanners -> one or 2 3rd party second opinion scanners are always welcome: KVRT, EEK...

Thanks for sharing

 

[Gandalf_The_Grey]

I would set UAC to always notify to prevent bypasses:

Gebert's straightforward mitigation advice to prevent UAC bypass attacks is setting UAC to "Always Notify." Doing so will always show the user UAC prompts before high-risk applications are executed.

Bypassing Windows 10 UAC with mock folders and DLL hijacking

A new technique uses a simplified process of DLL hijacking and mock directories to bypass Windows 10's UAC security feature and run elevated commands without alerting a user.

www.bleepingcomputer.com

 

[Trooper]

Periodic security scanners -> one or 2 3rd party second opinion scanners are always welcome: KVRT, EEK...

Thanks for sharing

It's been awhile and I kind of just plain forgot. Good idea, will add a few and report back. Thanks.

I would set UAC to always notify to prevent bypasses:

Bypassing Windows 10 UAC with mock folders and DLL hijacking

A new technique uses a simplified process of DLL hijacking and mock directories to bypass Windows 10's UAC security feature and run elevated commands without alerting a user.

www.bleepingcomputer.com

UAC is now set to max. Cheers!

 

[harlan4096]

Please reflect the changes editing Your config, thanks

 

[Trooper]

Please reflect the changes editing Your config, thanks

UAC bumped up to Max. Added EEK and ran a scan. All good.

 

[Trooper]

Any other recommendations guys?

 

[Trooper]

I guess I am ok then? Lol. Norton has been running well. I guess part of me struggles with two things. The crypto deal (I have it off), and waiting for the day when Norton fubars something on my machine. But I suppose that is what backups are for. I used to use ESET and Kaspersky but for some reason neither of these av's play nice on this computer.

 

[Trooper]

Back to MS Defender with ConfigureDefender set to high.

 

[HarborFront]

Since you are using the enterprise version make the best of it and study hardening windows using group policy.

 

[Trooper]

Since you are using the enterprise version make the best of it and study hardening windows using group policy.

Not a bad idea. I go gpo's all the time for work, but never for myself.

 

[Trooper]

Ditched BitDefender for F-Secure Safe. Everything else remains the same at the moment.

 

[L0ckJaw]

Ditched BitDefender for F-Secure Safe. Everything else remains the same at the moment.

Why ditched ?

 

[Trooper]

Why ditched ?

Performance and felt a bit too heavy for my liking. F-Secure running much lighter for me.

 

[L0ckJaw]

Performance and felt a bit too heavy for my liking. F-Secure running much lighter for me.

I also used f-secure before , good protection.
For me BD Total runs so smooth and protection wise is superb.

 

[blackice]

The biggest problem I had with BD is the update size is much larger than other AVs. On an SSD that does cause a lot of writes. Not the end of the world, but it is a bit harder on SSDs than others.

 

[L0ckJaw]

The biggest problem I had with BD is the update size is much larger than other AVs. On an SSD that does cause a lot of writes. Not the end of the world, but it is a bit harder on SSDs than others.

SSD can handle this , for me protection is the most important

 

[Trooper]

The biggest problem I had with BD is the update size is much larger than other AVs. On an SSD that does cause a lot of writes. Not the end of the world, but it is a bit harder on SSDs than others.

I noticed this as well. Forgo to mention it.

 

[blackice]

SSD can handle this , for me protection is the most important

I agree, but there are other effective options that don’t use the BD engine.

 

[L0ckJaw]

I agree, but there are other effective options that don’t use the BD engine.

Yes correct , I like the BD engine