Categories Tech NewsWindows 10

Windows Defender System Guard runtime attestation coming to Windows systems

Microsoft just announced the launch of a new security technology called Windows Defender System Guard runtime attestation. It’s built into the core Windows operating system and will be delivered to all Windows editions in the near future. Here’s a bit more about the technology and the security benefits it can offer.

What is Windows Defender System Guard runtime attestation?


At its most basic level, Windows Defender System Guard runtime attestation is a client API that will eventually be exposed to a relying party. The idea is that it gives users a method for attesting to the state of their devices and then a way to perform runtime reports in order to evaluate system components.

This security update is thanks in part to the company’s recent reorganization of system integrity features in the Windows 10 Fall Creators Update. This is where Windows Defender System Guard came to be, allowing the company to continually update and add innovations in the area of platform security. So once the first phase of Windows Defender System Guard runtime attestation is added to the Windows platform, it will also be continually updated with new features and support in an effort to create an environment where security violations are observable and effectively communicated in the event of a full system compromise, such as through a kernel-level exploit.

How does it work?

Currently, Microsoft is working toward providing an API that relying parties can use to attest to the state of their devices at that particular point in time. Then, the API returns a runtime report that details all of those claims about the security posture of the system, including assertions about sensitive system properties.

For each runtime report to actually have meaning, it has to provide reasonable resistance against tampering. This means that the generation must be isolated from an attacker, it must be attestable, and it must be cryptographically signed in a manner that is irreproducible outside the isolated environment. Virtual Secure Mode and VBS enclaves are sometimes used in order to create virtualized environments that allow users to pinpoint the data that is secure.

Once you have data that can be included in trusted reports, Windows Defender System Guard can perform a runtime measurement in order to assert the system integrity at runtime, with the security level attesting to security posture.

There are a lot more details that go into the new security feature. You can learn more on Microsoft’s website and then look out for it in the next Windows update.

Annie Pilon

Annie Pilon is a freelance writer specializing in topics related to business, marketing, social media, and tech. She has a degree in journalism and marketing from Columbia College Chicago and currently works and lives in Michigan.

Published by
Annie Pilon

Recent Posts

Cybersecurity AI: Integrating artificial intelligence into your security policy

Danger is lurking everywhere and there is no letup in cybercriminals looking to breach your system. Cybersecurity AI gives you…

2 hours ago

No excuses: Patch Exchange and patch your operating systems

Admins hate patches. Admins hate patching. But with the threats lurking on the Internet and elsewhere, it’s time to accept…

7 hours ago

What does the future hold for the hosting industry?

As with other technology industries, the hosting business has seen major changes since the early days of the Internet. But…

10 hours ago

Moving a VM to a different virtual network in Microsoft Azure

Thinking of moving a VM to a different virtual network in Azure? It’s possible. Here’s how to avoid speed bumps…

1 day ago

Safeguarding your digital identities in a hostile world

In today’s online world where everything is tracked and saved, safeguarding digital identities is crucial both for individuals and for…

1 day ago

Exchange errors: Common problems and commonsense fixes

Exchange errors are the curse of every IT admin’s job. Here are some common issues you may face — and…

1 day ago