Added Prevented Device history to Win - OIB - Microsoft Edge - D - Security

[jkerai1]

This was set for chrome but not edge

I personally like restricting this because from a DFIR perspective I can live response to the users machine and pull the browser history. In DeviceNetworkEvents (MDE) you do not get full URL/path/query so Live response is a nice work around

Can't delete

vs Can Delete

[jkerai1]

Added D drive URL block in chrome so you cant use Chrome as a file explorer for the D drives and local drive if using AVD - file://tsclient/. I want to prevent users opening files on their local that may be malicious if they are accessing via AVD.

Turns out this will stop you from opening PDFs if you block from C drive and such in browser so you may want to cherrypick the drives here

Ref: https://james-rankin.com/videos/using-onedrive-sync-client-with-c-drive-restrictions-and-a-bunch-of-handy-security-tips-too/

[jkerai1]

Added Edge Updates - not sure how to version so i decided to create a 3.1 instead as it made more sense - UPDATE: Removed this, i will let you version as appropriate instead

Configure Typosquatting Checker

Disable Edge CryptoWallet

Disable "Allow websites to query for available payment methods"

Disable "Enables DALL-E themes generation"

Disable Edge Shopping Assistant "Shopping in Microsoft Edge"

Disable Screenshots API inside browser - "Disable taking screenshots" - this still allows screenshots to be taken outside of the browser

Disable "Enable upload files from phone in Microsoft Edge desktop"

Block Surf Game

[jkerai1]

replicated changes to MacOS OIB Edge.

MacOS - OIB - Microsoft Edge - D - Security:

Disable taking screenshots - Enabled
Allow websites to query for available payment methods - Disabled
Enable deleting browser and download history - Disabled
Allow surf game - Blocked

[jkerai1]

Turns out stopping deletion of history stops sync of history and open new tab so id understand if you want to cherry pick this out

Anyway:

Update: Win - OIB - Microsoft Edge - U - User Experience - v3.1.json

Under User Experience I have hidden Promoted Links (ebay etc)

Disable all background image types in new tab

[jkerai1]

CHROME - D - Security UPDATES:

Add block for D Drive being used like a file explorer also blocked AVD drives and few other sites such as https://onionmail.org, https://pastebin.com, https://amsi.fail. Feel free to cherry pick out the D drive

Allow remote debugging - Disable

Allow Dinosaur Easter Egg Game - disabled

Allow Google Cast to connect to Cast devices on all IP addresses. - disabled

Enable third party software injection blocking - enabled

Allow legacy TLS/DTLS downgrade in WebRTC - disabled [ This policy will be deprecated eventually, and is already deprecated in Edge]

Disable taking screenshots - enabled - still allows screenshots to be taken from outside the browser just the screenshots API in browser is disabled

Allow remote access users to transfer files to/from the host - Disabled (in addition to existing remote access policy)