What's "CISigners" in WDAC Policy?

MikeCTechDude 11 Reputation points
2022-06-19T07:12:26.05+00:00

Just trying to understand the purpose of that section in the policy files.

Windows 11
Windows 11
A Microsoft operating system designed for productivity, creativity, and ease of use.
8,164 questions
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Castorix31 81,721 Reputation points
    2022-06-19T11:56:14.11+00:00

    From this link DefaultWindows_Enforced.xml

    CiSigners are signers that ConfigCI asks CI to trust for all builds, include
    retail builds.
    Normally CiSigners is empty or only includes production signers. For enterprise
    ConfigCI policy, you may need to include enterprise signers. Just make sure it
    is understood that CiSigners will be trusted by CI for all builds.

  2. Limitless Technology 39,351 Reputation points
    2022-06-23T14:23:51.957+00:00

    Hi there,

    CISigners is the one that represents the signature level at which the code was verified.

    WDAC only supports signer rules for RSA certificate signing keys with a maximum of 4096 bits.

    You can learn more from here https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create

    Windows Defender Application Control design guide https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-design-guide

    -------------------------------------------------------------------------------------------------------------------------

    --If the reply is helpful, please Upvote and Accept it as an answer--

    0 comments