This script applies Windows Defender security configurations and enables Defender features. It begins by elevating privileges and setting the working directory to the script's root. The script then copies the necessary files to the supported directories and sets process mitigations. It enables Windows Defender features such as real-time monitoring, cloud-delivered protection, sample submission, behavior monitoring, script scanning, removable drive scanning, and others, and sets preferences for the various protection mechanisms. The script outputs a status message for each step so the user knows which actions are being taken.
- Enables Cloud-delivered Protections
- Enables Controlled Folder Access
- Enables Network Protections
- Enables Intrusion Prevention System
- Enables Windows Defender Application Control Policies
- Enables Windows Defender Attack Surface Reduction Rules
- Enables Windows Defender Exploit Protections
- Implements all requirements listed in the Windows Defender Antivirus STIG V2R1
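The following is an added illustration of how the feature list above maps onto the built-in Defender cmdlets; it is not the project's script and does not reproduce its file copying or STIG-specific settings. It assumes the `Set-MpPreference`, `Add-MpPreference`, `Get-MpComputerStatus` and `Set-ProcessMitigation` cmdlets that ship with Windows 10, and the ASR rule GUIDs are Microsoft's published rule identifiers. The `-Audit` switch is a hypothetical convenience that turns Controlled Folder Access, Network Protection and ASR on in audit mode first, so the impact on line-of-business apps can be reviewed in the Defender operational log before enforcing.

```powershell
#Requires -RunAsAdministrator
param(
    # Hypothetical switch: audit CFA / Network Protection / ASR before enforcing.
    [switch]$Audit
)

# Confirm elevation explicitly; Set-MpPreference fails silently on some builds without it.
$principal = [Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()
if (-not $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
    throw "Run this from an elevated PowerShell session."
}

$mode = if ($Audit) { 'AuditMode' } else { 'Enabled' }

Write-Host "[*] Enabling core Defender engine features"
Set-MpPreference -DisableRealtimeMonitoring $false `
                 -DisableBehaviorMonitoring $false `
                 -DisableScriptScanning $false `
                 -DisableIOAVProtection $false `
                 -DisableRemovableDriveScanning $false `
                 -DisableEmailScanning $false `
                 -CheckForSignaturesBeforeRunningScan $true

Write-Host "[*] Enabling cloud-delivered protection and sample submission"
Set-MpPreference -MAPSReporting Advanced `
                 -SubmitSamplesConsent SendAllSamples `
                 -DisableBlockAtFirstSeen $false `
                 -CloudBlockLevel High `
                 -CloudExtendedTimeout 50 `
                 -PUAProtection Enabled

Write-Host "[*] Enabling Controlled Folder Access and Network Protection ($mode)"
Set-MpPreference -EnableControlledFolderAccess $mode `
                 -EnableNetworkProtection $mode

Write-Host "[*] Enabling Attack Surface Reduction rules ($mode)"
# Two of Microsoft's published ASR rule IDs, as a sample of the full set:
$asrRules = @{
    'D4F940AB-401B-4EFC-AADC-AD5F3C50688A' = 'Block all Office applications from creating child processes'
    '9E6C4E1F-7D60-472F-BA1A-A39EF669E4B2' = 'Block credential stealing from LSASS'
}
foreach ($id in $asrRules.Keys) {
    Write-Host "    $($asrRules[$id])"
    Add-MpPreference -AttackSurfaceReductionRules_Ids $id `
                     -AttackSurfaceReductionRules_Actions $mode
}

Write-Host "[*] Enabling system-wide exploit protection mitigations"
# DEP and CFG are the least disruptive system defaults; per-process policy is normally
# delivered as an Exploit Protection XML via -PolicyFilePath.
Set-ProcessMitigation -System -Enable DEP, CFG

Write-Host "[*] Verifying effective state"
$status = Get-MpComputerStatus
$checks = [ordered]@{
    'Antivirus enabled'        = $status.AntivirusEnabled
    'Real-time protection'     = $status.RealTimeProtectionEnabled
    'Behavior monitoring'      = $status.BehaviorMonitorEnabled
    'IOAV (download) scanning' = $status.IoavProtectionEnabled
}
$pref = Get-MpPreference
$checks['Controlled Folder Access'] = ($pref.EnableControlledFolderAccess -ne 0)
$checks['Network Protection']       = ($pref.EnableNetworkProtection -ne 0)
$checks['ASR rules configured']     = ($pref.AttackSurfaceReductionRules_Ids.Count -gt 0)

foreach ($name in $checks.Keys) {
    $flag = if ($checks[$name]) { 'OK  ' } else { 'FAIL' }
    Write-Host ("    [{0}] {1}" -f $flag, $name)
}
```

Running with `-Audit` first and reviewing the Microsoft-Windows-Windows Defender/Operational event log for audit events (CFA, Network Protection and ASR each log a distinct event ID for "would have blocked") is the usual way to catch legitimate applications that would break once the settings are switched to `Enabled`. Note that a domain GPO or Intune policy takes precedence over `Set-MpPreference`, so the verification step, not the set step, is what tells you the configuration is actually in effect.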
- Windows 10 Enterprise (Preferred) or Windows 10 Professional
- Windows 10 Home does not allow GPO configuration or ASR rules, though most of the other settings will still apply.
- Windows 10 "N" Editions are not tested.
Download the required files from the GitHub repository.
The script may be launched from the extracted GitHub download like this:
.\sos-windowsdefenderhardening.ps1