strawgate edited this page Jun 8, 2016 · 1 revision

Overview

EMET, the Enhanced Mitigation Experience Toolkit, is an anti-exploit tool developed by Microsoft and available to all organizations at no cost.

To implement EMET using C3 Protect you must follow the following steps:

  • Enable the EMET Analyses
  • Deploy EMET
  • Push an EMET policy

Implementation

Enable the EMET Analyses

The following analyses in the C3 Protect site should be enabled:

  • EMET - Configuration - Windows

Deploy EMET

Use the "Deploy - EMET - 5.5 - Windows" Fixlet in the C3 Patch site to deploy the client

Push EMET policies

Create a baseline with the following Fixlets:

  • Config - EMET Rules - Enable Default Cert Pinning Mitigations - Windows
  • Config - EMET Rules - Enable Default Mitigation Actions - Windows
  • Config - EMET Rules - Enable Microsoft Application Mitigations - Windows
  • Config - EMET Rules - Enable Popular Third-Party Mitigations - Windows

Action the baseline against your endpoints!

Clone this wiki locally
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.
Press h to open a hovercard with more details.