Should Microsoft be making this kind of Application Guard ‘defence-in-depth isolation’ through virtualization-based security available to a broader user base?
Microsoft has announced it is to harden the Edge browser for enterprise users. The hardware-based sandboxing provided by Windows Defender Application Guard for Windows 10 Enterprise will serve to isolate Edge from malicious code. Application Guard adds that layer of isolation using Microsoft’s Hyper-V virtualisation technology to isolate any threats and disrupt the attack opportunity.

“Application Guard is designed to stop attackers from establishing a foothold on the local machine,” says John Hazen, principal program manager for Microsoft Edge, “or from expanding out into the rest of the corporate network.”

This approach is, of course, to be applauded, as it not only isolates the threats from the network but removes them completely when the container is closed. It does, however, leave the question of whether Microsoft should be making this kind of ‘defence-in-depth isolation’ through virtualisation-based security available to a broader user base. Not least because, unless such protection is made more widely available downstream, the supply chain (made up of generally much smaller organisations) will surely remain vulnerable.