mirror of
https://github.com/fleetdm/fleet
synced 2026-04-21 21:47:20 +00:00
cf6343cbd4
- Added new Windows Defender policy that checks to make sure Windows Defender is running, antivirus is enabled, real-time protect is enabled, and data protection access is enabled. - Added additional formatting to policies section
69 lines
1.5 KiB
XML
69 lines
1.5 KiB
XML
<!-- Enable Real-Time Protection -->
|
|
<Replace>
|
|
<CmdID>1</CmdID>
|
|
<Item>
|
|
<Target>
|
|
<LocURI>./Device/Vendor/MSFT/Policy/Config/Defender/AllowRealtimeMonitoring</LocURI>
|
|
</Target>
|
|
<Meta>
|
|
<Format xmlns="syncml:metinf">int</Format>
|
|
</Meta>
|
|
<Data>1</Data>
|
|
</Item>
|
|
</Replace>
|
|
|
|
<!-- Enable Cloud Protection (MAPS) -->
|
|
<Replace>
|
|
<CmdID>2</CmdID>
|
|
<Item>
|
|
<Target>
|
|
<LocURI>./Device/Vendor/MSFT/Policy/Config/Defender/AllowCloudProtection</LocURI>
|
|
</Target>
|
|
<Meta>
|
|
<Format xmlns="syncml:metinf">int</Format>
|
|
</Meta>
|
|
<Data>1</Data>
|
|
</Item>
|
|
</Replace>
|
|
|
|
<!-- Enable Behavior Monitoring -->
|
|
<Replace>
|
|
<CmdID>3</CmdID>
|
|
<Item>
|
|
<Target>
|
|
<LocURI>./Device/Vendor/MSFT/Policy/Config/Defender/AllowBehaviorMonitoring</LocURI>
|
|
</Target>
|
|
<Meta>
|
|
<Format xmlns="syncml:metinf">int</Format>
|
|
</Meta>
|
|
<Data>1</Data>
|
|
</Item>
|
|
</Replace>
|
|
|
|
<!-- Enable Script Scanning -->
|
|
<Replace>
|
|
<CmdID>4</CmdID>
|
|
<Item>
|
|
<Target>
|
|
<LocURI>./Device/Vendor/MSFT/Policy/Config/Defender/AllowScriptScanning</LocURI>
|
|
</Target>
|
|
<Meta>
|
|
<Format xmlns="syncml:metinf">int</Format>
|
|
</Meta>
|
|
<Data>1</Data>
|
|
</Item>
|
|
</Replace>
|
|
|
|
<!-- Configure Sample Submission -->
|
|
<Replace>
|
|
<CmdID>5</CmdID>
|
|
<Item>
|
|
<Target>
|
|
<LocURI>./Device/Vendor/MSFT/Policy/Config/Defender/SubmitSamplesConsent</LocURI>
|
|
</Target>
|
|
<Meta>
|
|
<Format xmlns="syncml:metinf">int</Format>
|
|
</Meta>
|
|
<Data>1</Data>
|
|
</Item>
|
|
</Replace>
|