AppControl Manager v1.8.8.0 #580
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The AppControl Manager now supports performing Advanced Hunting directly within the app. Bumped version to 1.8.8.0 Improved the toolbar menus in Event logs page and MDE Advanced Hunting page. Adjusted the margin of the titles in the pages to reduce the empty spaces.
There was a problem hiding this comment.
Copilot reviewed 18 out of 33 changed files in this pull request and generated 1 comment.
Files not reviewed (15)
- AppControl Manager/AppControl Manager.csproj: Language not supported
- AppControl Manager/Package.appxmanifest: Language not supported
- AppControl Manager/Pages/AllowNewApps/AllowNewAppsEventLogsDataGrid.xaml: Language not supported
- AppControl Manager/Pages/AllowNewApps/AllowNewAppsLocalFilesDataGrid.xaml: Language not supported
- AppControl Manager/Pages/AllowNewApps/AllowNewAppsStart.xaml: Language not supported
- AppControl Manager/Pages/BuildNewCertificate.xaml: Language not supported
- AppControl Manager/Pages/ConfigurePolicyRuleOptions.xaml: Language not supported
- AppControl Manager/Pages/CreateDenyPolicy.xaml: Language not supported
- AppControl Manager/Pages/CreateDenyPolicyFilesAndFoldersScanResults.xaml: Language not supported
- AppControl Manager/Pages/CreatePolicy.xaml: Language not supported
- AppControl Manager/Pages/CreateSupplementalPolicy.xaml: Language not supported
- AppControl Manager/Pages/CreateSupplementalPolicyFilesAndFoldersScanResults.xaml: Language not supported
- AppControl Manager/Pages/Deployment.xaml: Language not supported
- AppControl Manager/Pages/EventLogsPolicyCreation.xaml: Language not supported
- AppControl Manager/Pages/GetCIHashes.xaml: Language not supported
Comments suppressed due to low confidence (1)
AppControl Manager/Others/MicrosoftGraph.cs:607
- [nitpick] The Query property in the QueryPayload class should be marked as required to ensure it is always provided.
[JsonPropertyName("Query")]
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The AppControl Manager now seamlessly integrates Microsoft Defender for Endpoint Advanced Hunting, allowing you to perform queries directly within the app. You can retrieve and analyze hunting results with advanced filtering and sorting options. From there, you can effortlessly create App Control policies and deploy them via Intune—all without ever leaving the app.
Technical details: the implemented code is fully compatible with the ahead of time compilation (Native AOT), resulting in high performance source generated code. So whether you are using CSV files from your local system or retrieving the results from the cloud, they are processes very quickly.
AppControl Manager employs MediumIL (Medium Integrity Level) when running as an Administrator, ensuring that non-elevated processes cannot access its memory or attach debuggers. Given that the app handles sensitive information—such as Microsoft 365 authentication tokens stored in private variables—this design decision safeguards these tokens from unauthorized, unelevated access or tampering.
AppControl Manager leverages MSAL from Microsoft to manage Microsoft 365 authentications. This industry-standard library adheres to best practices for secure authentication token management.
Following the Least Privilege Access, the only required permission is
ThreatHunting.Read.AllBumped version to 1.8.8.0
Improved the toolbar menus in Event logs page and MDE Advanced Hunting page.
Adjusted the margin of the titles in the pages to reduce the empty spaces.
Updated image links in the documents.
Removed the "WDACConfig" folder from the repository.
Updated the documents to cover the new changes and features introduced in this version.
Improved the About section in the settings page. The links are now dynamically relocated based on the app window's width.