Configure Windows Security settings instantly
ConfigureDefender is a small portable tool for configuring Windows Security or Defender settings with a click. You can apply High and Max Settings instantly to further harden Defender settings. Advanced users can manually change settings using Windows Registry, Windows Group Policy, and PowerShell Commands. This application is a part of the Hard_Configurator program, which offers Software Restriction Policy and harden windows to make it secure. However, you can use ConfigureDefender, which is a standalone application to enhance Windows Security. The only thing it lacks is Real-Time monitoring, which has been removed as Windows flags it. The application offers a one-screen interface which lists down all the security settings, and its current status. On top of those settings, you have access to quick action buttons that can change Microsoft Security settings between Default, High, and Max. You can change individual settings manually as well. When you choose Max protection level, it clocks any suspicious attacks via Attack Surface Reduction, Controlled Folder Access, SmartScreen (set to block), and cloud level (set to block) – Defender Security Center is hidden. When you apply the change, it will apply the settings with a warning, and display the excluded folders. Here is the list of settings available for all Windows 10 versions through ConfigureDefender
Real-time MonitoringBehavior MonitoringScan all downloaded files and attachmentsReporting Level (MAPS membership level)Average CPU Load while scanningAutomatic Sample SubmissionPotentially Unwanted Applications (short: PUA Protection)Cloud Protection Level (Default)Cloud Check Time Limit.
Manually Configure Settings for Windows Defender
Advanced users can manually change settings using Windows Registry, Windows Group Policy, and PowerShell Commands. These are important settings that you can learn to configure on single or multiple computers.
Group Policy Management Console (gpedit.msc is not available in Windows Home edition)Direct via Registry editing (manually, via *.reg files or scripts)PowerShell cmdlets (set-mppreference, add-mppreference, remove-mppreference, PowerShell 5.0).
Windows Defender Registry Keys Location
All the settings are available on the following path, which can be accessed using Registry Editor.
Windows Defender GPO Location
MAPS, MpEngine, Real-time Protection, Reporting, Scan, Spynet, and Windows Defender Exploit Guard, should be inspected before using the utility if some settings are switched to ensure they are set back to the defaults. You can download it from GitHub. Related read: WindefThreatsView: Set default actions for Windows Defender threats