Windows Defender Application Control (WDAC) has been a core component of Windows since Windows 10 and Server 2016. It can be used as part of your security posture to secure workstations and endpoints by defining which applications are allowed to execute on those devices. Many organisations in Australia are leveraging WDAC as part of their Essential 8 compliance for application control.
WDAC feature availability
On Windows workstations, the majority of advanced features (such as multi policy format, managed installer and intelligent security graph) are available on Windows 10 1903+, which was released in 2019.
On the server side, many of these features are not supported on Windows Server 2016, and some are not supported on Windows Server 2019. These features are outlined in the WDAC feature availability documentation.
I’ve detailed some of the key feature differences in the table below.
| Feature | Server 2016 | Server 2019 | Server 2022 |
| --- | --- | --- | --- |
| Managed Installer | Not supported | Supported | Supported |
| Intelligent Security Graph | Not supported | Supported | Supported |
| Path based rules | Not supported | Supported | Supported |
| Multi policy format | Not supported | Not supported | Supported |