Deploy AppLocker Policies to only allow Microsoft/Citrix signed code and Store apps

In some scenarios there’s a demand for an increased security on Windows 10. Recently we worked on a scenario where only Microsoft code, Citrix code and Store Applications could run. Combined with no-local administrator privileges this creates a highly secure platform. Malware typically isn’t signed (and especially not by Microsoft or Citrix, if so we have bigger problems) and therefore unable to run…

1