Advanced Plus Security WhiteMouse's Security Config 2023

Last updated
Jan 1, 2023
How it's used?
For home and private use
Operating system
Windows 11
On-device encryption
BitLocker Device Encryption for Windows
Log-in security
    • Biometrics (Windows Hello PIN, TouchID, Face, Iris, Fingerprint)
Security updates
Allow security updates and latest features
User Access Control
Always notify
Smart App Control
Off
Network firewall
Enabled
Real-time security
Microsoft Defender
Firewall security
Microsoft Defender Firewall
About custom security
  • Security Baseline for Windows 11 22H2, Microsoft Edge and Microsoft Office.
  • Custom WDAC policy: Default Windows + Microsoft recommended block rules + Whitelist all files in Program Files by digital signature or hash + HVCI strict mode.
  • Microsoft Edge: Super Duper Secure mode on for all sites.
Periodic malware scanners
None
Malware sample testing
I do not participate in malware testing
Browser(s) and extensions
Microsoft Edge: Adblock Plus, Bitwarden
Desktop VPN
Mullvad VPN
Password manager
Bitwarden
Maintenance tools
Storage Sense
File and Photo backup
OneDrive
System recovery
Macrium Reflect
Risk factors
    • Browsing the Internet without an ad-blocker
    • Browsing to unknown / untrusted / shady sites
    • Working from home
    • Opening email attachments
    • Buying from online stores, entering bank card details
    • Logging into my bank account
    • Downloading software and files from reputable sites
    • Gaming
    • Streaming audio/video content from trusted sites or paid subscriptions
    • Streaming audio/video content from shady sites
Notable changes
2023/1/1: Replace IVPN with Mullvad VPN
2022/12/31: Added Bitwarden extension
2022/12/21: Added Adblock Plus extension
What I'm looking for?

Not looking for any feedback.

kylprq

> I got my signed WDAC policies up and running without issue. Feel free to ask anything.

Is there a way to install a specific program (i.e. K-Lite codecs, which drops some files into the sys32 directory) without temporarily deploying an Allow* policy (disabling WDAC)? Modifying the supp policy doesn't work because it somehow blocks random temp/? system32/? directory access and lots I'm not even aware of 🤔😉
 
Reactions: Jack

WhiteMouse

> Is there a way to install a specific program (i.e. K-Lite codecs, which drops some files into the sys32 directory) without temporarily deploying an Allow* policy (disabling WDAC)? Modifying the supp policy doesn't work because it somehow blocks random temp/? system32/? directory access and lots I'm not even aware of 🤔😉

This is one thing that I still haven't had an answer for yet. Many application updaters love to drop an unsigned file into the temp folder, and there's not much I can do about it. I think the most secure way to install those programs is to deploy a base policy with ISG (rule 14) and hope that it doesn't block any files during install, install the program, then revert to the old base policy.
 
Reactions: kylprq
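The deploy, install, revert sequence described in the reply above, as an added PowerShell example (not WhiteMouse's own script). The file paths are hypothetical, and it assumes an unsigned base policy on Windows 11 22H2; a signed policy must be re-signed with the policy-signing certificate before each deployment, so the script refuses to run against one.

```powershell
#Requires -RunAsAdministrator
# Added example: temporarily enable ISG (rule option 14) on a copy of the
# base policy, install, then put the original base policy back.
# Paths below are hypothetical placeholders.
$BaseXml = 'C:\WDAC\Base.xml'        # XML of the base policy currently deployed
$WorkDir = 'C:\WDAC\TempInstall'
$IsgXml  = Join-Path $WorkDir 'Base-ISG.xml'
$IsgCip  = Join-Path $WorkDir 'Base-ISG.cip'
$BaseCip = Join-Path $WorkDir 'Base.cip'

# Guard: deploying an unsigned update over a signed policy is not valid.
$unsigned = Select-String -Path $BaseXml -Quiet `
    -Pattern 'Enabled:Unsigned System Integrity Policy'
if (-not $unsigned) {
    throw 'Base policy is signed: sign both .cip files before deploying.'
}

New-Item -ItemType Directory -Path $WorkDir -Force | Out-Null

# A plain copy keeps the same PolicyID, so the update replaces the base.
Copy-Item $BaseXml $IsgXml -Force
Set-RuleOption -FilePath $IsgXml -Option 14   # Enabled:Intelligent Security Graph Authorization

ConvertFrom-CIPolicy -XmlFilePath $IsgXml  -BinaryFilePath $IsgCip  | Out-Null
ConvertFrom-CIPolicy -XmlFilePath $BaseXml -BinaryFilePath $BaseCip | Out-Null

appidtel.exe start                    # ISG depends on the AppID service
$start = Get-Date
CiTool.exe --update-policy $IsgCip

try {
    Read-Host 'ISG policy active. Run the installer, then press Enter'
}
finally {
    # Revert even if the wait is interrupted.
    CiTool.exe --update-policy $BaseCip
}

# Event 3077 = file blocked by an enforced policy; list blocks in the window.
Get-WinEvent -FilterHashtable @{
    LogName   = 'Microsoft-Windows-CodeIntegrity/Operational'
    Id        = 3077
    StartTime = $start
} -ErrorAction SilentlyContinue |
    Select-Object TimeCreated, Message | Format-List
```

After the revert, the installed files run only if the original base or a supplemental policy allows them, so the block list at the end shows what still needs a rule.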

kylprq

> This is one thing that I still haven't had an answer for yet. Many application updaters love to drop an unsigned file into the temp folder, and there's not much I can do about it. I think the most secure way to install those programs is to deploy a base policy with ISG (rule 14) and hope that it doesn't block any files during install, install the program, then revert to the old base policy.

In the future I'm planning to add temp/, ProgramFiles*/, ProgramData and system32/ as FilePath rules to an unsigned supp policy for test purposes (I'm aware it poses a risk, but CS-CFW will handle the rest 👩🏼‍🦲🤷🏽‍♀️).
 
Reactions: Nevi and Jack
