1
1
I believe that Windows Defender included in Windows 10 implements some forms of protection other than signature-based threat detection. Two Group Policy settings indicates this: "Turn on behavior monitoring" and "Monitor file and program activity on your computer".
Since I really dislike signature based-detection (and employ a really strict policy for threat mitigation instead), it's of my best interest to disable real-time file scanning in my Windows 10 system, but without turning off real-time protection entirely. Can it be done?
There's a policy setting called "Turn off real-time protection", but judging by it's name, I'm afraid it disables the other components. There's also "Scan all downloaded files and attachments", which I tried setting to Disabled, but doesn't seem to work (browsing through files and plugging external drives still triggers file scanning).
Thanks.
Real-time protection is behavior based; it's either enabled or not; defender Defender doesn't employ anything else – Ramhound – 2016-06-18T16:36:02.773
@Ramhound Not really. Real-time protection is, without a doubt, signature-based, and -supposedly- some other mechanisms. – Marc.2377 – 2016-06-18T20:12:08.977