ASD - Australian Signals Directorate

ASD's Blueprint for Secure Cloud

Rules

This section describes the configuration of rules within Microsoft Defender associated with systems built according to the guidance provided by ASD's Blueprint for Secure Cloud.

Estimated reading time: 2 minutes

Alert suppression

Not configured

Indicators

Not configured

Process Memory Indicators

Not configured

Web Content Filtering

ItemValue
General
Policy NameBlocked content
Blocked Categories
Adult contentSelect all
High BandwidthSelect all
Legal LiabilitySelect all
LeisureChat
Games
Instant Messaging
Web-based Email
Social Networking
UncategorizedSelect all
Scope
Machine GroupsSelect all

Automation uploads

ItemValue
File Content Analysis
Content analysisOn
File extension namesair,elf,gadget,msi,vbe,url,cmd,js,reg,ws,pl,’’,rgs,bat,vbs,inf,cpl,vb,ps1,job,ko.gz,exe,wsf,dll,py,rb,sh,scr,ko,com,tcl,sys
Memory Content Analysis
EnabledOn

Automation folder exclusions

Not configured

Asset rule management

Not configured

Security & Governance

  • None identified

Design

Configuration

References

Do you have a suggestion on how the above page could be improved? Get in touch! ASD's Blueprint for Secure Cloud is an open source project, and we would love to get your input. Submit an issue on our GitHub, or send us an email at blueprint@asd.gov.au

Acknowledgement of Country icon

Acknowledgement of Country
We acknowledge the Traditional Owners and Custodians of Country throughout Australia and their continuing connections to land, sea and communities. We pay our respects to them, their cultures and their Elders; past, present and emerging. We also recognise Australia's First Peoples' enduring contribution to Australia's national security.

Authorised by the Australian Government, Canberra