Windows 10 virtualization-based security has not received much attention so far, but it is one of the operating system's most significant security features.
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
The idea behind virtualization-based security is actually simple. If a process, or data, is virtualized, then it is isolated from the rest of the operating system, and therefore it is more difficult to tamper with. Isolated User Mode allows for a secure kernel and secure applications.
A number of different areas of the Windows operating system rely on virtualization-based security. Credential Guard, for example, uses a virtualized environment to store and prevent credential theft. In the past, hackers could steal credentials with a pass the hash attack, which virtualization-based security protects against.
Device Guard is another operating system security feature that uses virtualization-based security. In previous versions of Windows, if an attacker somehow gained administrative privileges to tamper with the app control policy for a device, she could allow malicious apps to run on the device.
With Device Guard, the app control policy can only be updated if a trusted signer signs it. That way, an attacker cannot modify the app control policy to let prohibited apps run on a device. This technique is far more secure than relying on AppLocker alone.
A deeper look at Device Guard credential
How Windows 10 ups the security game
Explore Windows Hello and Passport
Will Microsoft change its virtualization licensing with Windows 10?
Related Q&A from Brien Posey
While you may want to jump on the data management and protection train, consider first how combining the two in one product will affect your systems ... Continue Reading
Hackers can gain remote access to users' desktops through RDP hijacking. As a result, IT pros must know what they can do to prevent such an attack. Continue Reading
When IT pros are seeking an alternative to Outlook, they should consider the features their users need the most and select an email client that best ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.