What's "CISigners" in WDAC Policy?

MikeCTechDude 1 Reputation point

Just trying to understand the purpose of that section in the policy files.

Windows 11
Windows 11
A Microsoft operating system designed for productivity, creativity, and ease of use.
3,504 questions
No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Castorix31 65,461 Reputation points

    From this link DefaultWindows_Enforced.xml

    CiSigners are signers that ConfigCI asks CI to trust for all builds, include
    retail builds.
    Normally CiSigners is empty or only includes production signers. For enterprise
    ConfigCI policy, you may need to include enterprise signers. Just make sure it
    is understood that CiSigners will be trusted by CI for all builds.

  2. Limitless Technology 37,331 Reputation points

    Hi there,

    CISigners is the one that represents the signature level at which the code was verified.

    WDAC only supports signer rules for RSA certificate signing keys with a maximum of 4096 bits.

    You can learn more from here https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create

    Windows Defender Application Control design guide https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-design-guide


    --If the reply is helpful, please Upvote and Accept it as an answer--

    No comments