“AaronLocker” big perf and feature updates (17 June 2019)

(On the 15th anniversary of my first blog posts…) Performance improvements in the “AaronLocker” scripts, especially in Get-AppLockerEvents.ps1. And: Get-AppLockerEvents.ps1 … Now retrieves Packaged App events; -EventLogNames parameter supports retrieving from named event logs, to support the use case when forwarded events are saved in event logs other than “ForwardedEvents”; Removed all the field-omission switches…


“AaronLocker” updates (13 May 2019)

Hot on the heels of yesterday’s changes, “AaronLocker” now handles EXE and DLL files with non-standard extensions. Scan a directory with, say, “*.pyd” files or “*.api” files or any other non-standard extension, the “AaronLocker” scripts now identify them, distinguish whether they are Win32 EXE or DLL rules, and builds rules to cover them. Reminders of “AaronLocker”…

1

“AaronLocker” updates (12 May 2019)

Just committed some changes to the “AaronLocker” repo on GitHub and its documentation. Changes include: Rule-generation for files in unsafe paths: always used to create one publisher or hash rule for each file in the directory hierarchy. New granularity options enable rules tied only to publisher name or publisher+product name instead of one-rule-per-file. Can dramatically reduce the…


“AaronLocker” videos on YouTube

7 minute “Intro to ‘AaronLocker’,” a set of PowerShell scripts that automate AppLocker-related tasks to achieve robust, practical, customizable, and maintainable application whitelisting for Windows.  https://youtu.be/nQyODwPR5qo 13 minute “AaronLocker Quick Start:” how to build, customize, and deploy robust and practical AppLocker rules quickly using AaronLocker. https://youtu.be/E-IrqFtJOKU

1

“AaronLocker” moved to GitHub

“AaronLocker” is a robust, practical, and free PowerShell-based application whitelisting solution for Windows, built on Windows AppLocker. Earlier posts with description here and here. Rather than continuing to attach zip files to blog posts, I have moved the “AaronLocker” materials, including scripts and documentation, to GitHub: https://github.com/Microsoft/AaronLocker. Among other things, this will make it easier to…


“AaronLocker” update (v0.91) — and see “AaronLocker” in action on Channel 9!

“AaronLocker” is a robust, practical, PowerShell-based application whitelisting solution for Windows. See it in action in this new Defrag Tools episode on Channel 9! [Update 28 January 2019: content moved to GitHub] This update to the original 0.9 release includes these improvements: Documentation updates, particularly in the area of Group Policy control; Blocks execution from…

2

ANNOUNCING: Application whitelisting with “AaronLocker”

[Update 11 Oct 2018: “AaronLocker” v0.91 released] Announcing the pre-release (v0.9) of “AaronLocker:” robust and practical application whitelisting for Windows. AaronLocker is designed to make the creation and maintenance of robust, strict, AppLocker-based whitelisting rules as easy and practical as possible. The entire solution involves a small number of PowerShell scripts. You can easily customize…

5