Windows Security, earlier known as Windows Defender, is a powerful utility that can instantly set up a security system to a maximum or high with the least amount of effort. ConfigureDefender is a free tool that uses PowerShell cmdlets to execute scripts, and change group policy settings to configure these. The user interface is more straightforward, which means you don’t have to have a technical advantage. However, you will need admin privileges to make the changes.
Configure Windows Security settings instantly
ConfigureDefender is a small portable tool for configuring Windows Security or Defender settings with a click. You can apply High and Max Settings instantly to further harden Defender settings. Advanced users can manually change settings using Windows Registry, Windows Group Policy, and PowerShell Commands.
This application is part of the Hard_Configurator program, which offers Software Restriction Policy and hardens Windows to make it secure. However, you can use ConfigureDefender, a standalone application to enhance Windows Security. It only lacks Real-Time monitoring, which has been removed as Windows flags it.
The application offers a one-screen interface that lists all the security settings and their current status. In addition to those settings, you have access to quick action buttons that can change Microsoft Security settings between Default, High, and Max. You can also change individual settings manually.
When you choose Max protection level, it clocks any suspicious attacks via Attack Surface Reduction, Controlled Folder Access, SmartScreen (set to block), and cloud level (set to block) – Defender Security Center is hidden. When you apply the change, it will apply the settings with a warning, and display the excluded folders.
Here is the list of settings available for all Windows versions through ConfigureDefender
- Real-time Monitoring
- Behavior Monitoring
- Scan all downloaded files and attachments
- Reporting Level (MAPS membership level)
- Average CPU Load while scanning
- Automatic Sample Submission
- Potentially Unwanted Applications (short: PUA Protection)
- Cloud Protection Level (Default)
- Cloud Check Time Limit.
You can download it from GitHub.
Manually Configure Settings for Windows Defender
Advanced users can manually change settings using Windows Registry, Windows Group Policy, and PowerShell Commands. These are important settings that you can learn to configure on single or multiple computers.
- Group Policy Management Console (gpedit.msc is not available in Windows Home edition)
- Direct via Registry editing (manually, via *.reg files or scripts)
- PowerShell cmdlets (set-mppreference, add-mppreference, remove-mppreference, PowerShell 5.0).
Windows Defender Registry Keys Location
All the settings are available on the following path, which can be accessed using Registry Editor.
Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender
Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender
Windows Defender GPO Location
Computer configuration > Administrative templates > Windows components > Windows Defender Antivirus.
MAPS, MpEngine, Real-time Protection, Reporting, Scan, Spynet, and Windows Defender Exploit Guard, should be inspected before using the utility if some settings are switched to ensure they are set back to the defaults.
Related read: WindefThreatsView: Set default actions for Windows Defender threats