Configure Windows Defender in Windows 10 Overview
Windows Security, earlier known as Windows Defender, is a powerful utility that can instantly set up a security system to a maximum or high with the least amount of effort. ConfigureDefender is a free tool that uses PowerShell cmdlets to execute scripts, and change group policy settings to configure these. The user interface is more straightforward, which means you don’t have to have a technical advantage. However, you will need admin privileges to make the changes.
Configure Windows Security settings instantly
ConfigureDefender is a small portable tool for configuring Windows Security or Defender settings with a click. You can apply High and Max Settings instantly. Advanced users can manually change settings using Windows Registry, Windows Group Policy, and PowerShell Commands.
This application is a part of the Hard_Configurator program, which offers a Software Restriction Policy and harden windows to make it secure. However, you can use ConfigureDefender, which is a standalone application to enhance Windows Security. The only thing it lacks is Real-Time monitoring, which has been removed as of Windows flags it.
The application offers a one-screen interface that lists down all the security settings, and their current status. On top of those settings, you have access to quick action buttons that can change Microsoft Security settings between Default, High, and Max. You can change individual settings manually as well.
When you choose the Max protection level, it clocks any suspicious attacks via Attack Surface Reduction, Controlled Folder Access, SmartScreen (set to block), and cloud level (set to block) – Defender Security Center is hidden. When you apply the change, it will apply the settings with a warning, and display the excluded folders.
Here is the list of settings available for all Windows 10 versions through ConfigureDefender
- Real-time Monitoring
- Behavior Monitoring
- Scan all downloaded files and attachments
- Reporting Level (MAPS membership level)
- Average CPU Load while scanning
- Automatic Sample Submission
- Potentially Unwanted Applications (short: PUA Protection)
- Cloud Protection Level (Default)
- Cloud Check Time Limit.
Manually Configure Settings for Windows Defender
Advanced users can manually change settings using Windows Registry, Windows Group Policy, and PowerShell Commands. These are important settings that you can learn to configure on single or multiple computers.
- Group Policy Management Console (gpedit.msc is not available in Windows Home edition)
- Direct via Registry editing (manually, via *.reg files or scripts)
- PowerShell cmdlets (set-mppreference, add-mppreference, remove-mppreference, PowerShell 5.0).
Windows Defender Registry Keys Location
All the settings are available on the following path, which can be accessed using Registry Editor.
ComputerHKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows Defender
ComputerHKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindows Defender
Windows Defender GPO Location
Computer configuration > Administrative templates > Windows components > Windows Defender Antivirus.
MAPS, MpEngine, Real-time Protection, Reporting, Scan, Spynet, and Windows Defender Exploit Guard, should be inspected before using the utility if some settings are switched to ensure they are set back to the defaults. You can download it from GitHub.