Ideally, we would lock down our operating systems to allow only those applications we want to have running. For many companies, however, investigating what software is running in their networks takes resources and research that they often don’t have.
A tool built into Windows can provide better control over what runs on your system. Windows Defender Application Control (WDAC), also referred to as Microsoft Defender Application Control (MDAC), was introduced with Windows 10 and allows you to control drivers and applications on your Windows clients. Some WDAC capabilities are available only on specific Windows versions. Cmdlets are available on all SKUs since 1909. An older Microsoft whitelisting technology, AppLocker, is no longer being developed and will receive security fixes but no new features.