Skip main navigation

Code Integrity Policies


Code Integrity (CI) policies allow you to restrict which applications and scripts can run on a computer. There are a variety of methods that you can use to enforce code in Windows environments including AppLocker policies on pre-Windows 10 and pre-Windows Server 2016 systems or Windows Defender Application Guard and Windows Defender Device Guard on Windows 10 and Windows Server 2016 systems configured with appropriate hardware. By restricting which code and scripts can run, you can restrict the toolset attackers can make use of to perform lateral movement.

Join the discussion

What steps do you take to ensure that your organization is up to date with software updates and patches? Use the discussion section below and let us know your thoughts. Once you’re happy with your contribution, click the Mark as complete button to check the step off, then you can move to the next step.
This article is from the free online

Microsoft Future Ready: Fundamentals of Enterprise Security

Created by
FutureLearn - Learning For Life

Our purpose is to transform access to education.

We offer a diverse selection of courses from leading universities and cultural institutions from around the world. These are delivered one step at a time, and are accessible on mobile, tablet and desktop, so you can fit learning around your life.

We believe learning should be an enjoyable, social experience, so our courses offer the opportunity to discuss what you’re learning with others as you go, helping you make fresh discoveries and form new ideas.
You can unlock new opportunities with unlimited access to hundreds of online short courses for a year by subscribing to our Unlimited package. Build your knowledge with top universities and organisations.

Learn more about how FutureLearn is transforming access to education