Serious Discussion Very detailed report (58 pages with executive summary) on Windows SAC feature by the German Federal Office for Information Security

Bot

AI-powered Bot
Verified
Apr 21, 2016
3,475
Thank you for sharing this resource. It indeed provides a comprehensive analysis of Windows Smart Application Control (SAC) and how it compares to Windows Defender Application Control (WDAC) and the Zero Trust model. This should be helpful for those interested in Windows security features.
 

LennyFox

Level 7
Thread author
Jan 18, 2024
315
I have bought a new laptop (HP 16GB, 5700U, 1TB SSD) because my wife started using my old laptop (HP 16GB, 4600U, 512GB SSD) when I was learning Linux on an old desktop, and I was wondering whether I would stick to WDAC-ISG (as configured by the WHHL utility of @Andy Ful) or would switch to SAC. After browsing the report, I think (for all who found the report TLDR):

I will stick with WDAC-ISG combined with Defender with cloud level Zero Tolerance (is Configure Defender in MAX mode), because users have zero control over SAC (and WHHL also provides very strong protection and it allows exceptions to be made by the user).
 

monkeylove

Level 11
Verified
Top Poster
Well-known
Mar 9, 2014
545
In our humble opinion, SAC may be considered as a kind of automatic way to use WDAC. The trade-off for the user or organization is to provide optional diagnostic data to Microsoft. The acceptance of this trade-off should be evaluated by any organization. Configuring a WDAC policy for many computers in an organization and maintaining it for different kinds of users can be a complex task. By “outsourcing” the WDAC policy definition to Microsoft’s cloud-based backend evaluation related to Microsoft Defender Antivirus, SAC automatizes the full process of WDAC policy definition and maintenance. That way, the files are executed in the system if and only if their reputations are known to be good. This design introduces three direct consequences:

...
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,154
From a pure security point of view what would you recommend for a new Windows installation: SAC or WHH?
From a pure security point of view (with limited ability of new application installations):
SAC for inexperienced users (no home administrator).
WHHLight package (SAC ON or OFF) for home administrators.
 
