• Only a Small Portion of The Windows OS Security Apparatus
• SUPERIORITY
• Intelligent Security Graph (ISG)
• No 0-day/Unknown File Allowed (ASR)
• Rigorous Custom Exploit Protections
• Network Protection
• Cloud Protection
• Cloud-Based Remote Detonation And Analysis
• Block At First Sight
• Intel Threat Detection Technology (TDT)
• Remote Encryption Protection
• Brute Force Protection
• Windows Updates Installed Within 24 Hours Of Release
• Microsoft Defender Updates Installed Every 3 Hours
• ULTIMATUM
• App Control for Business (WDAC)
• Complete BYOVD Protection
• Application Cross-Dependency Usage Control
• Controlled Folder Access
• Smart App Control
• Hyper-V & Windows Sandbox (Untrusted Software Usage)
• Windows Defender Firewall (Rule Based)
• Automated Firewall With AppID Tagging
• Win32 App Isolation
• VBS Enclaves
• UEFI Locked Settings (To Require Proof Of Physical Presence)
• Early Launch AntiMalware (ELAM)
• Physical Security
• BitLocker
• Startup Key (USB Flash Drive)
• Secure Boot (PCR7 Binding)
• TPM
• Startup PIN
• Firmware Security
• System Management Mode (SMM) Protection
• Static Root of Trust for Measurement (SRTM)
• Secure Launch (DRTM)
• Secure Memory Overwrite
• TCG Storage Security Drive Password
• Mode Based Execution Control
• UEFI Password
• UEFI Code ReadOnly
• Kernel DMA Protection
• Pluton
• APIC Virtualization
• Secure Boot
• IDENTITY (In the Abstract Sense)
• Smart Screen
• Potentially Unwanted Application (PUA) Protection
• Valid Signature Required For Elevation
• Behavioral Analysis
• Static Signature Analysis
• Personal Data Encryption (PDE)
• Enhanced Sign-in Security (ESS)
• Credential Guard
• Admin-less
• Windows Hello Multi-Factor Authentication
• Zero Trust DNS (ZTDNS)
• Advanced Intelligence-Based Phishing Protection
• Continue Reading