Attack Surface Reduction Rules (ASR)
We have new configuration our environment Attack Surface Reduction Rules (ASR)
We have created sccm Console it self and deployed test machines
Now we have to check whether ASR rules applied or not test user machine
1.How I can pull or create Those deployment ASR rule report and if Rules are applyed or not
2.How we can check in user machine’s wether ASR rules applied or not
Is there any SQL or Power Shell script to pull report??
Thanks in Advance
Answers ( 2 )
Thanks for reply
We have created ASR rule which are available in SCCM console, now customer request is to check whether how many machines got applyed rules
Similar to success and failed and in progress Status
I think you can get the reports from the SCCM default reports ..isn’t it once you made the ASR policies in SCCM with the following steps?
In SCCM, go to Assets and Compliance > Endpoint Protection > Windows Defender Exploit Guard.
Select Home > Create Exploit Guard Policy.
Enter a name and a description, select Attack Surface Reduction, and select Next.
Choose which rules will block or audit actions and select Next.
Review the settings and select Next to create the policy.
After the policy is created, Close.