Remediate security recommendations discovered by Windows Defender ATP.
From Microsoft Defender Security Center, there are a small number of recommendations which aren't yet able to be resolved with Security Baselines or Configuration Profiles. This script is intended to be a short term solution for applying the recommendations until either of the alternatives have been incorporated by Microsoft.
- Enable 'Local Security Authority (LSA) protection'
- Enable 'Require domain users to elevate when setting a network's location'
- Disable the local storage of passwords and credentials
- Account lockout threshold
None
Simply run from a PowerShell session as Administrator.
- Microsoft Endpoint Manager Admin Center
- Add > Windows 10
- Run this script using the logged on credentials = No
- Enforce script signature check = No
- Run script in 64 bit PowerShell Host = No
- PowerShell
None
Chris Chalmers - LinkedIn, Azure DevOps, GitHub