{"id":53106,"date":"2025-02-19T07:53:27","date_gmt":"2025-02-18T21:53:27","guid":{"rendered":"https:\/\/www.cloudproinc.com.au\/?p=53106"},"modified":"2025-02-19T07:53:28","modified_gmt":"2025-02-18T21:53:28","slug":"enhance-windows-11-security-with-asr-rules","status":"publish","type":"post","link":"https:\/\/cloudproinc.azurewebsites.net\/index.php\/2025\/02\/19\/enhance-windows-11-security-with-asr-rules\/","title":{"rendered":"Enhance Windows 11 Security With ASR rules"},"content":{"rendered":"\n<p>In this Microsoft Intune blog post, we will explain and demonstrate how to enhance Windows 11 security by implementing Attack Surface Reduction (ASR) rules.<\/p>\n\n\n\n<!--more-->\n\n\n\n<p>In today\u2019s digital landscape, securing endpoints has become more critical than ever. With the increasing sophistication of cyber threats, organizations must adopt robust security measures to protect their systems and data. One effective way to enhance security is by leveraging Microsoft Intune\u2019s Attack Surface Reduction (ASR) rules. These rules are designed to minimize the attack surface of your Windows 11 devices, reducing the risk of exploitation and safeguarding your infrastructure.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-understanding-attack-surface-reduction-asr-rules\">Understanding Attack Surface Reduction (ASR) Rules<\/h2>\n\n\n\n<p>Attack Surface Reduction rules are a set of configurations available in <a href=\"https:\/\/www.cloudproinc.com.au\/index.php\/category\/microsoft-intune\/\">Microsoft Intune<\/a> that help mitigate risks by blocking or restricting common attack vectors. These rules are part of Microsoft Defender for Endpoint and are specifically designed to protect against various types of threats, including malware, phishing, and exploits.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-enhance-windows-11-security-with-asr-rules\">Enhance Windows 11 Security With ASR rules<\/h2>\n\n\n\n<p>ASR rules play a crucial role in strengthening your organization\u2019s security posture. By applying these rules, you can:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Prevent malware from executing: ASR rules can block scripts and executables that are commonly used by malware to infiltrate systems.<\/li>\n\n\n\n<li>Mitigate phishing attacks: ASR rules can help identify and block malicious email attachments and links, reducing the risk of phishing attempts.<\/li>\n\n\n\n<li>Protect against exploits: ASR rules can prevent the exploitation of vulnerabilities in software and operating systems.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-implementing-asr-rules-with-microsoft-intune\">Implementing ASR Rules with Microsoft Intune<\/h2>\n\n\n\n<p>Microsoft Intune provides a centralized platform to manage and deploy ASR rules across your Windows 11 devices. Here\u2019s a step-by-step guide to implementing these rules:<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-step-1-configure-microsoft-defender-for-endpoint\">Step 1: Configure Microsoft Defender for Endpoint<\/h2>\n\n\n\n<p>Before you can deploy ASR rules, ensure that Microsoft Defender for Endpoint is properly configured. This involves setting up a connection between Microsoft Defender for Endpoint and Intune, as well as enabling the necessary features.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-step-2-create-an-asr-policy\">Step 2: Create an ASR Policy<\/h2>\n\n\n\n<p>In Intune, navigate to the <strong>Endpoint security<\/strong> section and create a new Attack Surface Reduction policy. This policy will define the specific ASR rules you want to apply to your devices.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"191\" height=\"352\" data-src=\"\/wp-content\/uploads\/2025\/02\/image.jpg\" alt=\"ASR menu\" class=\"wp-image-53107 lazyload\" data-srcset=\"\/wp-content\/uploads\/2025\/02\/image.jpg 191w, \/wp-content\/uploads\/2025\/02\/image-163x300.jpg 163w\" data-sizes=\"(max-width: 191px) 100vw, 191px\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" style=\"--smush-placeholder-width: 191px; --smush-placeholder-aspect-ratio: 191\/352;\" \/><\/figure>\n\n\n\n<p>In the Platform section select Windows and set the Profile to Attach Surface Reduction Rules<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"383\" height=\"224\" data-src=\"\/wp-content\/uploads\/2025\/02\/image-1.jpg\" alt=\"ASP platform selection\" class=\"wp-image-53108 lazyload\" data-srcset=\"\/wp-content\/uploads\/2025\/02\/image-1.jpg 383w, \/wp-content\/uploads\/2025\/02\/image-1-300x175.jpg 300w\" data-sizes=\"(max-width: 383px) 100vw, 383px\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" style=\"--smush-placeholder-width: 383px; --smush-placeholder-aspect-ratio: 383\/224;\" \/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-step-3-define-asr-rules\">Step 3: Define ASR Rules<\/h2>\n\n\n\n<p>Select the ASR rules (see below) you want to implement from the list provided by Intune. These rules cover a wide range of security scenarios, such as blocking executable content from email and webmail clients, preventing Office applications from creating child processes, and more.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-asr-rules\">ASR Rules:<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Block execution of potentially obfuscated scripts<\/li>\n\n\n\n<li>Block Office communication application from creating child processes<\/li>\n\n\n\n<li>Block all Office applications from creating child processes<\/li>\n\n\n\n<li>Block Win32 API calls from Office macros<\/li>\n\n\n\n<li>Block executable files from running unless they meet a prevalence, age, or trusted list criterion<\/li>\n\n\n\n<li>Block JavaScript or VBScript from launching downloaded executable content<\/li>\n\n\n\n<li>Block untrusted and unsigned processes that run from USB<\/li>\n\n\n\n<li>Block Adobe Reader from creating child processes<\/li>\n\n\n\n<li>Block credential stealing from the Windows local security authority subsystem<\/li>\n\n\n\n<li>Block abuse of exploited vulnerable signed drivers (Device)<\/li>\n\n\n\n<li>Block persistence through WMI event subscription<\/li>\n\n\n\n<li>Block Office applications from injecting code into other processes<\/li>\n\n\n\n<li>Use advanced protection against ransomware<\/li>\n\n\n\n<li>Block executable content from email client and webmail<\/li>\n\n\n\n<li>Block process creations originating from PSExec and WMI commands<\/li>\n\n\n\n<li>Block Office applications from creating executable content<\/li>\n\n\n\n<li>Enable Controlled Folder Access<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-step-4-assign-the-asr-policy\">Step 4: Assign the ASR Policy<\/h2>\n\n\n\n<p>Assign the ASR policy to the relevant device groups in your organization. <\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-step-5-monitor-and-adjust\">Step 5: Monitor and Adjust<\/h2>\n\n\n\n<p>Regularly monitor the effectiveness of the ASR rules and make adjustments as needed. Intune provides detailed reporting and analytics to help you track the impact of the rules and identify any areas that may require further refinement.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-blocking-windows-11-vulnerabilities-with-asr\">Blocking Windows 11 Vulnerabilities with ASR<\/h2>\n\n\n\n<p>Windows 11, like any operating system, has vulnerabilities that malicious actors can exploit. Using ASR rules, you can significantly reduce the risk of exploitation. Here are some specific ASR rules that help block Windows 11 vulnerabilities:<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-block-executable-content-from-email-and-webmail-clients\">Block executable content from email and webmail clients<\/h3>\n\n\n\n<p>This rule prevents executable files from being launched from email attachments or webmail clients. By blocking these files, you can mitigate the risk of malware being delivered through phishing emails.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-prevent-office-applications-from-creating-child-processes\">Prevent Office applications from creating child processes<\/h3>\n\n\n\n<p>Office applications are often targeted by attackers who use them to execute malicious code. This ASR rule blocks Office applications from creating child processes, effectively stopping many types of attacks that rely on this technique.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-block-credential-stealing-from-lsass\">Block credential stealing from LSASS<\/h3>\n\n\n\n<p>The Local Security Authority Subsystem Service (LSASS) is a common target for attackers seeking to steal credentials. This ASR rule blocks processes attempting to access LSASS, preventing credential theft and lateral movement within the network.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-block-executable-files-from-running-unless-they-meet-a-prevalence-age-or-trusted-list-criterion\">Block executable files from running unless they meet a prevalence, age, or trusted list criterion<\/h3>\n\n\n\n<p>This rule blocks executable files that do not meet certain criteria, such as being widely used, being older than a specified number of days, or being on a trusted list. This helps prevent the execution of potentially harmful files.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-best-practices-for-using-asr-rules\">Best Practices for Using ASR Rules<\/h2>\n\n\n\n<p>To maximize the effectiveness of ASR rules, consider the following best practices:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Continuously update ASR rules: As new threats emerge, Microsoft regularly updates ASR rules. Ensure that your policies are always up-to-date to protect against the latest threats.<\/li>\n\n\n\n<li>Test before deployment: Before applying ASR rules to your entire organization, test them on a small group of devices to identify any potential issues or conflicts.<\/li>\n\n\n\n<li>Educate users: Inform your users about the significance of ASR rules and how they contribute to overall security. Encourage them to report any issues or suspicious activities.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-conclusion\">Conclusion<\/h2>\n\n\n\n<p>Microsoft Intune\u2019s Attack Surface Reduction rules are a powerful tool for enhancing the security of your Windows 11 devices. By implementing these rules, you can effectively block vulnerabilities and protect your organization from a wide range of threats. Through regular monitoring and updates, you can ensure that your security measures remain robust and adaptive to the evolving threat landscape. Embrace the power of ASR rules and take a proactive approach to safeguarding your digital environment.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-similar-microsoft-intune-articles\">Similar Microsoft Intune articles<\/h3>\n\n\n\n<ul class=\"wp-block-yoast-seo-related-links yoast-seo-related-links\">\n<li><a href=\"https:\/\/cloudproinc.com.au\/index.php\/2024\/09\/05\/block-copy-paste-from-ios-business-apps-with-intune\/\">Block Copy Paste from iOS Business Apps with Intune<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/cloudproinc.com.au\/index.php\/2024\/07\/15\/how-to-prevent-microsoft-365-emails-from-blacklisting\/\">How to Prevent Microsoft 365 Emails from Blacklisting<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/www.cloudproinc.com.au\/index.php\/2024\/03\/28\/how-to-turn-off-windows-hello-in-microsoft-intune\/\">How to Turn Off Windows Hello in Microsoft Intune<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/www.cloudproinc.com.au\/index.php\/2024\/07\/29\/setting-up-email-to-case-in-dynamics-365\/\">Setting Up Email to Case in Dynamics 365<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/www.cloudproinc.com.au\/index.php\/2024\/08\/20\/hardening-azure-wiz-outpost\/\">Hardening Azure Wiz Outpost<\/a><\/li>\n<\/ul>\n\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>In this Microsoft Intune blog post, we will explain and demonstrate how to enhance Windows 11 security by implementing Attack Surface Reduction (ASR) rules.<\/p>\n","protected":false},"author":1,"featured_media":53109,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_yoast_wpseo_focuskw":"Enhancing Windows 11 Security with Microsoft Intune Attack Surface Reduction Rules","_yoast_wpseo_title":"","_yoast_wpseo_metadesc":"Enhancing Windows 11 security is easy with Microsoft Intune Attack Surface Reduction rules. Discover how to implement them effectively.","_yoast_wpseo_opengraph-title":"","_yoast_wpseo_opengraph-description":"","_yoast_wpseo_twitter-title":"","_yoast_wpseo_twitter-description":"","_et_pb_use_builder":"off","_et_pb_old_content":"","_et_gb_content_width":"","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[13,12],"tags":[],"class_list":["post-53106","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog","category-microsoft-intune"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.3 (Yoast SEO v27.4) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Enhance Windows 11 Security With ASR rules - CPI Consulting<\/title>\n<meta name=\"description\" content=\"Enhancing Windows 11 security is easy with Microsoft Intune Attack Surface Reduction rules. Discover how to implement them effectively.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/cloudproinc.com.au\/index.php\/2025\/02\/19\/enhance-windows-11-security-with-asr-rules\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Enhance Windows 11 Security With ASR rules\" \/>\n<meta property=\"og:description\" content=\"Enhancing Windows 11 security is easy with Microsoft Intune Attack Surface Reduction rules. Discover how to implement them effectively.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/cloudproinc.com.au\/index.php\/2025\/02\/19\/enhance-windows-11-security-with-asr-rules\/\" \/>\n<meta property=\"og:site_name\" content=\"CPI Consulting\" \/>\n<meta property=\"article:published_time\" content=\"2025-02-18T21:53:27+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-02-18T21:53:28+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/cloudproinc.azurewebsites.net\/wp-content\/uploads\/2025\/02\/Enhancing-Windows-11-Security-with-Microsoft-Intune-Attack-Surface-Reduction-Rules.webp\" \/>\n\t<meta property=\"og:image:width\" content=\"1024\" \/>\n\t<meta property=\"og:image:height\" content=\"1024\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/webp\" \/>\n<meta name=\"author\" content=\"CPI Staff\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"CPI Staff\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/cloudproinc.com.au\\\/index.php\\\/2025\\\/02\\\/19\\\/enhance-windows-11-security-with-asr-rules\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/cloudproinc.com.au\\\/index.php\\\/2025\\\/02\\\/19\\\/enhance-windows-11-security-with-asr-rules\\\/\"},\"author\":{\"name\":\"CPI Staff\",\"@id\":\"https:\\\/\\\/cloudproinc.com.au\\\/#\\\/schema\\\/person\\\/192eeeb0ce91062126ce3822ae88fe6e\"},\"headline\":\"Enhance Windows 11 Security With ASR rules\",\"datePublished\":\"2025-02-18T21:53:27+00:00\",\"dateModified\":\"2025-02-18T21:53:28+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/cloudproinc.com.au\\\/index.php\\\/2025\\\/02\\\/19\\\/enhance-windows-11-security-with-asr-rules\\\/\"},\"wordCount\":1029,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/cloudproinc.com.au\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/cloudproinc.com.au\\\/index.php\\\/2025\\\/02\\\/19\\\/enhance-windows-11-security-with-asr-rules\\\/#primaryimage\"},\"thumbnailUrl\":\"\\\/wp-content\\\/uploads\\\/2025\\\/02\\\/Enhancing-Windows-11-Security-with-Microsoft-Intune-Attack-Surface-Reduction-Rules.webp\",\"articleSection\":[\"Blog\",\"Microsoft Intune\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/cloudproinc.com.au\\\/index.php\\\/2025\\\/02\\\/19\\\/enhance-windows-11-security-with-asr-rules\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/cloudproinc.com.au\\\/index.php\\\/2025\\\/02\\\/19\\\/enhance-windows-11-security-with-asr-rules\\\/\",\"url\":\"https:\\\/\\\/cloudproinc.com.au\\\/index.php\\\/2025\\\/02\\\/19\\\/enhance-windows-11-security-with-asr-rules\\\/\",\"name\":\"Enhance Windows 11 Security With ASR rules - CPI Consulting\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/cloudproinc.com.au\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/cloudproinc.com.au\\\/index.php\\\/2025\\\/02\\\/19\\\/enhance-windows-11-security-with-asr-rules\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/cloudproinc.com.au\\\/index.php\\\/2025\\\/02\\\/19\\\/enhance-windows-11-security-with-asr-rules\\\/#primaryimage\"},\"thumbnailUrl\":\"\\\/wp-content\\\/uploads\\\/2025\\\/02\\\/Enhancing-Windows-11-Security-with-Microsoft-Intune-Attack-Surface-Reduction-Rules.webp\",\"datePublished\":\"2025-02-18T21:53:27+00:00\",\"dateModified\":\"2025-02-18T21:53:28+00:00\",\"description\":\"Enhancing Windows 11 security is easy with Microsoft Intune Attack Surface Reduction rules. Discover how to implement them effectively.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/cloudproinc.com.au\\\/index.php\\\/2025\\\/02\\\/19\\\/enhance-windows-11-security-with-asr-rules\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/cloudproinc.com.au\\\/index.php\\\/2025\\\/02\\\/19\\\/enhance-windows-11-security-with-asr-rules\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/cloudproinc.com.au\\\/index.php\\\/2025\\\/02\\\/19\\\/enhance-windows-11-security-with-asr-rules\\\/#primaryimage\",\"url\":\"\\\/wp-content\\\/uploads\\\/2025\\\/02\\\/Enhancing-Windows-11-Security-with-Microsoft-Intune-Attack-Surface-Reduction-Rules.webp\",\"contentUrl\":\"\\\/wp-content\\\/uploads\\\/2025\\\/02\\\/Enhancing-Windows-11-Security-with-Microsoft-Intune-Attack-Surface-Reduction-Rules.webp\",\"width\":1024,\"height\":1024},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/cloudproinc.com.au\\\/index.php\\\/2025\\\/02\\\/19\\\/enhance-windows-11-security-with-asr-rules\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.cloudproinc.com.au\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Enhance Windows 11 Security With ASR rules\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/cloudproinc.com.au\\\/#website\",\"url\":\"https:\\\/\\\/cloudproinc.com.au\\\/\",\"name\":\"Cloud Pro Inc - CPI Consulting Pty Ltd\",\"description\":\"Cloud, AI &amp; Cybersecurity Consulting | Melbourne\",\"publisher\":{\"@id\":\"https:\\\/\\\/cloudproinc.com.au\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/cloudproinc.com.au\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/cloudproinc.com.au\\\/#organization\",\"name\":\"Cloud Pro Inc - Cloud Pro Inc - CPI Consulting Pty Ltd\",\"url\":\"https:\\\/\\\/cloudproinc.com.au\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/cloudproinc.com.au\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"\\\/wp-content\\\/uploads\\\/2022\\\/01\\\/favfinalfile.png\",\"contentUrl\":\"\\\/wp-content\\\/uploads\\\/2022\\\/01\\\/favfinalfile.png\",\"width\":500,\"height\":500,\"caption\":\"Cloud Pro Inc - Cloud Pro Inc - CPI Consulting Pty Ltd\"},\"image\":{\"@id\":\"https:\\\/\\\/cloudproinc.com.au\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/cloudproinc.com.au\\\/#\\\/schema\\\/person\\\/192eeeb0ce91062126ce3822ae88fe6e\",\"name\":\"CPI Staff\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/2d96eeb53b791d92c8c50dd667e3beec92c93253bb6ff21c02cfa8ca73665c70?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/2d96eeb53b791d92c8c50dd667e3beec92c93253bb6ff21c02cfa8ca73665c70?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/2d96eeb53b791d92c8c50dd667e3beec92c93253bb6ff21c02cfa8ca73665c70?s=96&d=mm&r=g\",\"caption\":\"CPI Staff\"},\"sameAs\":[\"http:\\\/\\\/www.cloudproinc.com.au\"],\"url\":\"https:\\\/\\\/cloudproinc.azurewebsites.net\\\/index.php\\\/author\\\/cpiadmin\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Enhance Windows 11 Security With ASR rules - CPI Consulting","description":"Enhancing Windows 11 security is easy with Microsoft Intune Attack Surface Reduction rules. Discover how to implement them effectively.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/cloudproinc.com.au\/index.php\/2025\/02\/19\/enhance-windows-11-security-with-asr-rules\/","og_locale":"en_US","og_type":"article","og_title":"Enhance Windows 11 Security With ASR rules","og_description":"Enhancing Windows 11 security is easy with Microsoft Intune Attack Surface Reduction rules. Discover how to implement them effectively.","og_url":"https:\/\/cloudproinc.com.au\/index.php\/2025\/02\/19\/enhance-windows-11-security-with-asr-rules\/","og_site_name":"CPI Consulting","article_published_time":"2025-02-18T21:53:27+00:00","article_modified_time":"2025-02-18T21:53:28+00:00","og_image":[{"width":1024,"height":1024,"url":"https:\/\/cloudproinc.azurewebsites.net\/wp-content\/uploads\/2025\/02\/Enhancing-Windows-11-Security-with-Microsoft-Intune-Attack-Surface-Reduction-Rules.webp","type":"image\/webp"}],"author":"CPI Staff","twitter_card":"summary_large_image","twitter_misc":{"Written by":"CPI Staff","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/cloudproinc.com.au\/index.php\/2025\/02\/19\/enhance-windows-11-security-with-asr-rules\/#article","isPartOf":{"@id":"https:\/\/cloudproinc.com.au\/index.php\/2025\/02\/19\/enhance-windows-11-security-with-asr-rules\/"},"author":{"name":"CPI Staff","@id":"https:\/\/cloudproinc.com.au\/#\/schema\/person\/192eeeb0ce91062126ce3822ae88fe6e"},"headline":"Enhance Windows 11 Security With ASR rules","datePublished":"2025-02-18T21:53:27+00:00","dateModified":"2025-02-18T21:53:28+00:00","mainEntityOfPage":{"@id":"https:\/\/cloudproinc.com.au\/index.php\/2025\/02\/19\/enhance-windows-11-security-with-asr-rules\/"},"wordCount":1029,"commentCount":0,"publisher":{"@id":"https:\/\/cloudproinc.com.au\/#organization"},"image":{"@id":"https:\/\/cloudproinc.com.au\/index.php\/2025\/02\/19\/enhance-windows-11-security-with-asr-rules\/#primaryimage"},"thumbnailUrl":"\/wp-content\/uploads\/2025\/02\/Enhancing-Windows-11-Security-with-Microsoft-Intune-Attack-Surface-Reduction-Rules.webp","articleSection":["Blog","Microsoft Intune"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/cloudproinc.com.au\/index.php\/2025\/02\/19\/enhance-windows-11-security-with-asr-rules\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/cloudproinc.com.au\/index.php\/2025\/02\/19\/enhance-windows-11-security-with-asr-rules\/","url":"https:\/\/cloudproinc.com.au\/index.php\/2025\/02\/19\/enhance-windows-11-security-with-asr-rules\/","name":"Enhance Windows 11 Security With ASR rules - CPI Consulting","isPartOf":{"@id":"https:\/\/cloudproinc.com.au\/#website"},"primaryImageOfPage":{"@id":"https:\/\/cloudproinc.com.au\/index.php\/2025\/02\/19\/enhance-windows-11-security-with-asr-rules\/#primaryimage"},"image":{"@id":"https:\/\/cloudproinc.com.au\/index.php\/2025\/02\/19\/enhance-windows-11-security-with-asr-rules\/#primaryimage"},"thumbnailUrl":"\/wp-content\/uploads\/2025\/02\/Enhancing-Windows-11-Security-with-Microsoft-Intune-Attack-Surface-Reduction-Rules.webp","datePublished":"2025-02-18T21:53:27+00:00","dateModified":"2025-02-18T21:53:28+00:00","description":"Enhancing Windows 11 security is easy with Microsoft Intune Attack Surface Reduction rules. Discover how to implement them effectively.","breadcrumb":{"@id":"https:\/\/cloudproinc.com.au\/index.php\/2025\/02\/19\/enhance-windows-11-security-with-asr-rules\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/cloudproinc.com.au\/index.php\/2025\/02\/19\/enhance-windows-11-security-with-asr-rules\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/cloudproinc.com.au\/index.php\/2025\/02\/19\/enhance-windows-11-security-with-asr-rules\/#primaryimage","url":"\/wp-content\/uploads\/2025\/02\/Enhancing-Windows-11-Security-with-Microsoft-Intune-Attack-Surface-Reduction-Rules.webp","contentUrl":"\/wp-content\/uploads\/2025\/02\/Enhancing-Windows-11-Security-with-Microsoft-Intune-Attack-Surface-Reduction-Rules.webp","width":1024,"height":1024},{"@type":"BreadcrumbList","@id":"https:\/\/cloudproinc.com.au\/index.php\/2025\/02\/19\/enhance-windows-11-security-with-asr-rules\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.cloudproinc.com.au\/"},{"@type":"ListItem","position":2,"name":"Enhance Windows 11 Security With ASR rules"}]},{"@type":"WebSite","@id":"https:\/\/cloudproinc.com.au\/#website","url":"https:\/\/cloudproinc.com.au\/","name":"Cloud Pro Inc - CPI Consulting Pty Ltd","description":"Cloud, AI &amp; Cybersecurity Consulting | Melbourne","publisher":{"@id":"https:\/\/cloudproinc.com.au\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/cloudproinc.com.au\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/cloudproinc.com.au\/#organization","name":"Cloud Pro Inc - Cloud Pro Inc - CPI Consulting Pty Ltd","url":"https:\/\/cloudproinc.com.au\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/cloudproinc.com.au\/#\/schema\/logo\/image\/","url":"\/wp-content\/uploads\/2022\/01\/favfinalfile.png","contentUrl":"\/wp-content\/uploads\/2022\/01\/favfinalfile.png","width":500,"height":500,"caption":"Cloud Pro Inc - Cloud Pro Inc - CPI Consulting Pty Ltd"},"image":{"@id":"https:\/\/cloudproinc.com.au\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/cloudproinc.com.au\/#\/schema\/person\/192eeeb0ce91062126ce3822ae88fe6e","name":"CPI Staff","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/2d96eeb53b791d92c8c50dd667e3beec92c93253bb6ff21c02cfa8ca73665c70?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/2d96eeb53b791d92c8c50dd667e3beec92c93253bb6ff21c02cfa8ca73665c70?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/2d96eeb53b791d92c8c50dd667e3beec92c93253bb6ff21c02cfa8ca73665c70?s=96&d=mm&r=g","caption":"CPI Staff"},"sameAs":["http:\/\/www.cloudproinc.com.au"],"url":"https:\/\/cloudproinc.azurewebsites.net\/index.php\/author\/cpiadmin\/"}]}},"jetpack_featured_media_url":"\/wp-content\/uploads\/2025\/02\/Enhancing-Windows-11-Security-with-Microsoft-Intune-Attack-Surface-Reduction-Rules.webp","jetpack-related-posts":[{"id":56864,"url":"https:\/\/cloudproinc.azurewebsites.net\/index.php\/2026\/01\/09\/secure-windows-11-devices-with-defender-xdr\/","url_meta":{"origin":53106,"position":0},"title":"Secure Windows 11 Devices with Defender XDR","author":"CPI Staff","date":"January 9, 2026","format":false,"excerpt":"Learn how to use Microsoft Defender XDR to harden Windows 11 endpoints, detect real threats faster, and automate response with practical configuration steps and rollout tips.","rel":"","context":"In &quot;Blog&quot;","block_context":{"text":"Blog","link":"https:\/\/cloudproinc.azurewebsites.net\/index.php\/category\/blog\/"},"img":{"alt_text":"","src":"\/wp-content\/uploads\/2026\/01\/post-1.png","width":350,"height":200,"srcset":"\/wp-content\/uploads\/2026\/01\/post-1.png 1x, \/wp-content\/uploads\/2026\/01\/post-1.png 1.5x, \/wp-content\/uploads\/2026\/01\/post-1.png 2x, \/wp-content\/uploads\/2026\/01\/post-1.png 3x, \/wp-content\/uploads\/2026\/01\/post-1.png 4x"},"classes":[]},{"id":56909,"url":"https:\/\/cloudproinc.azurewebsites.net\/index.php\/2026\/01\/29\/intune-device-type-restriction-policies-explained\/","url_meta":{"origin":53106,"position":1},"title":"Intune Device Type Restriction Policies Explained","author":"CPI Staff","date":"January 29, 2026","format":false,"excerpt":"Learn what Intune device type restriction policies are, how they work, and how to configure them to reduce risk while keeping onboarding smooth for users.","rel":"","context":"In &quot;Blog&quot;","block_context":{"text":"Blog","link":"https:\/\/cloudproinc.azurewebsites.net\/index.php\/category\/blog\/"},"img":{"alt_text":"","src":"\/wp-content\/uploads\/2026\/01\/post-10.png","width":350,"height":200,"srcset":"\/wp-content\/uploads\/2026\/01\/post-10.png 1x, \/wp-content\/uploads\/2026\/01\/post-10.png 1.5x, \/wp-content\/uploads\/2026\/01\/post-10.png 2x, \/wp-content\/uploads\/2026\/01\/post-10.png 3x, \/wp-content\/uploads\/2026\/01\/post-10.png 4x"},"classes":[]},{"id":57373,"url":"https:\/\/cloudproinc.azurewebsites.net\/index.php\/2026\/04\/02\/how-ai-is-expanding-the-attack-surface-for-mid-market-organisations\/","url_meta":{"origin":53106,"position":2},"title":"How AI Is Expanding the Attack Surface for Mid-Market Organisations","author":"CPI Staff","date":"April 2, 2026","format":false,"excerpt":"The attack surface for mid-market organisations has expanded faster than most security strategies have adapted. AI is not just a tool for defenders. It is now an operational accelerator for attackers \u2014 and the techniques are not science fiction. Google's Threat Intelligence Group, Mandiant, and multiple cybersecurity vendors have documented\u2026","rel":"","context":"In &quot;AI&quot;","block_context":{"text":"AI","link":"https:\/\/cloudproinc.azurewebsites.net\/index.php\/category\/ai\/"},"img":{"alt_text":"","src":"\/wp-content\/uploads\/2026\/04\/from-vishing-to-data-poisoning-ai-expanding-attack-surface-cover.png","width":350,"height":200,"srcset":"\/wp-content\/uploads\/2026\/04\/from-vishing-to-data-poisoning-ai-expanding-attack-surface-cover.png 1x, \/wp-content\/uploads\/2026\/04\/from-vishing-to-data-poisoning-ai-expanding-attack-surface-cover.png 1.5x, \/wp-content\/uploads\/2026\/04\/from-vishing-to-data-poisoning-ai-expanding-attack-surface-cover.png 2x, \/wp-content\/uploads\/2026\/04\/from-vishing-to-data-poisoning-ai-expanding-attack-surface-cover.png 3x, \/wp-content\/uploads\/2026\/04\/from-vishing-to-data-poisoning-ai-expanding-attack-surface-cover.png 4x"},"classes":[]},{"id":53625,"url":"https:\/\/cloudproinc.azurewebsites.net\/index.php\/2025\/08\/16\/manage-windows-11-byod-devices-with-microsoft-intune\/","url_meta":{"origin":53106,"position":3},"title":"Manage Windows 11 BYOD Devices with Microsoft Intune","author":"CPI Staff","date":"August 16, 2025","format":false,"excerpt":"This post \"Manage Windows 11 BYOD Devices with Microsoft Intune\" explores what Intune can do for Windows 11 BYOD, its benefits and disadvantages, and the steps to implement and onboard personal Windows 11 devices. In the modern workplace, flexibility is no longer a perk\u2014it\u2019s an expectation. Many organisations have embraced\u2026","rel":"","context":"In &quot;Blog&quot;","block_context":{"text":"Blog","link":"https:\/\/cloudproinc.azurewebsites.net\/index.php\/category\/blog\/"},"img":{"alt_text":"","src":"\/wp-content\/uploads\/2025\/08\/manage-windows-11-byod-devices-with-microsoft-intune-1.png","width":350,"height":200,"srcset":"\/wp-content\/uploads\/2025\/08\/manage-windows-11-byod-devices-with-microsoft-intune-1.png 1x, \/wp-content\/uploads\/2025\/08\/manage-windows-11-byod-devices-with-microsoft-intune-1.png 1.5x, \/wp-content\/uploads\/2025\/08\/manage-windows-11-byod-devices-with-microsoft-intune-1.png 2x, \/wp-content\/uploads\/2025\/08\/manage-windows-11-byod-devices-with-microsoft-intune-1.png 3x, \/wp-content\/uploads\/2025\/08\/manage-windows-11-byod-devices-with-microsoft-intune-1.png 4x"},"classes":[]},{"id":417,"url":"https:\/\/cloudproinc.azurewebsites.net\/index.php\/2024\/07\/23\/how-to-use-microsoft-graph-security-api\/","url_meta":{"origin":53106,"position":4},"title":"How to Use Microsoft Graph Security API","author":"CPI Staff","date":"July 23, 2024","format":false,"excerpt":"In this Microsoft Defender XDR article, we will show how to use Microsoft Graph Security API using a REST API client and retrieve XDR alerts. Microsoft Defender Extended Detection and Response (XDR) is an enterprise end-to-end security solution that detects, prevents, investigates and responds to security threats from endpoints, users,\u2026","rel":"","context":"In &quot;Blog&quot;","block_context":{"text":"Blog","link":"https:\/\/cloudproinc.azurewebsites.net\/index.php\/category\/blog\/"},"img":{"alt_text":"","src":"\/wp-content\/uploads\/2024\/07\/How-to-Use-Microsoft-Graph-Security-API.webp","width":350,"height":200,"srcset":"\/wp-content\/uploads\/2024\/07\/How-to-Use-Microsoft-Graph-Security-API.webp 1x, \/wp-content\/uploads\/2024\/07\/How-to-Use-Microsoft-Graph-Security-API.webp 1.5x, \/wp-content\/uploads\/2024\/07\/How-to-Use-Microsoft-Graph-Security-API.webp 2x, \/wp-content\/uploads\/2024\/07\/How-to-Use-Microsoft-Graph-Security-API.webp 3x, \/wp-content\/uploads\/2024\/07\/How-to-Use-Microsoft-Graph-Security-API.webp 4x"},"classes":[]},{"id":57260,"url":"https:\/\/cloudproinc.azurewebsites.net\/index.php\/2026\/03\/16\/how-ai-agents-will-reshape-enterprise-it-over-the-next-3-years\/","url_meta":{"origin":53106,"position":5},"title":"How AI Agents Will Reshape Enterprise IT Over the Next 3 Years","author":"CPI Staff","date":"March 16, 2026","format":false,"excerpt":"AI agents will not replace your IT team, but they will change how support, security, onboarding, and reporting get done. Here is what business leaders should prepare for now.","rel":"","context":"In &quot;AI&quot;","block_context":{"text":"AI","link":"https:\/\/cloudproinc.azurewebsites.net\/index.php\/category\/ai\/"},"img":{"alt_text":"","src":"\/wp-content\/uploads\/2026\/03\/post-24.png","width":350,"height":200,"srcset":"\/wp-content\/uploads\/2026\/03\/post-24.png 1x, \/wp-content\/uploads\/2026\/03\/post-24.png 1.5x, \/wp-content\/uploads\/2026\/03\/post-24.png 2x, \/wp-content\/uploads\/2026\/03\/post-24.png 3x, \/wp-content\/uploads\/2026\/03\/post-24.png 4x"},"classes":[]}],"jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/cloudproinc.azurewebsites.net\/index.php\/wp-json\/wp\/v2\/posts\/53106","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cloudproinc.azurewebsites.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cloudproinc.azurewebsites.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cloudproinc.azurewebsites.net\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cloudproinc.azurewebsites.net\/index.php\/wp-json\/wp\/v2\/comments?post=53106"}],"version-history":[{"count":1,"href":"https:\/\/cloudproinc.azurewebsites.net\/index.php\/wp-json\/wp\/v2\/posts\/53106\/revisions"}],"predecessor-version":[{"id":53110,"href":"https:\/\/cloudproinc.azurewebsites.net\/index.php\/wp-json\/wp\/v2\/posts\/53106\/revisions\/53110"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cloudproinc.azurewebsites.net\/index.php\/wp-json\/wp\/v2\/media\/53109"}],"wp:attachment":[{"href":"https:\/\/cloudproinc.azurewebsites.net\/index.php\/wp-json\/wp\/v2\/media?parent=53106"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cloudproinc.azurewebsites.net\/index.php\/wp-json\/wp\/v2\/categories?post=53106"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cloudproinc.azurewebsites.net\/index.php\/wp-json\/wp\/v2\/tags?post=53106"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}