Disable System Guard communication hub
This script disables the System Guard Runtime Monitor Broker service and its associated process. The System Guard Runtime Monitor Broker service monitors and verifies Windows platform integrity. It handles attestation and reporting functions. It assists assertions of System Guard Runtime Monitor (SGRM). This enables management systems such as Intune and SCCM to collect integrity data. It supports remote actions such as blocking access to compromised devices. The service manag...
Disable System Guard kernel monitoring
This script disables the System Guard Runtime Monitor Agent, a kernel driver within Windows' security infrastructure. The System Guard Runtime Monitor Agent is a kernel-mode component of System Guard that runs in the Secure Kernel. The Secure Kernel operates in a more secure and isolated environment called "VTL1" (Virtual Trust Level 1), while the normal NT kernel runs in a virtualized environment called "VTL0". This separation adds another layer of security. It provides essential fu...
Disable System Guard rule definitions
This script disables System Guard security checks, also called assertions. System Guard assertions are measurements of sensitive system properties in real time. They help detect subtle security threats by assessing the system's security. However, this monitoring may compromise privacy by sharing system health data with external services. This script enhances privacy by preventing the sharing of system health data. It may also improve performance by reducing the overhead from security checks....
Disable System Guard rule scanner
This script disables the Secure Enclave, a component of the System Guard feature in Windows. The Secure Enclave is also known as the assertion engine. It continuously monitors and checks system integrity during runtime, assessing the system's security state. It is a core component of System Guard. This engine can send collected data to cloud or third-party providers. This script enhances privacy by preventing system integrity data from being shared externally. It may also imp...
Disable System Guard sandbox monitoring
This script disables the System Guard Runtime Monitor LPAC (Least-Privileged AppContainer) process. This process is part of the System Guard Runtime Monitor (SGRM) functionality. SGRM is a Windows security feature that monitors the system for potential tampering. LPAC (Least-Privileged AppContainer) means this component operates in a restricted environment for enhanced security. It exposes information through: RPC, which allows different software programs to communicate, even if they...
Disable System Guard startup verification
This script disables System Guard Secure Launch, a security feature in Windows. Secure Launch is also known as Virtualization Based Security (VBS) or firmware protection. This feature enhances startup security on Windows systems. It was initially introduced in Windows 10 version 1809. It protects the Virtualization Based Security (VBS) environment from vulnerabilities in device firmware. VBS, in Windows, refers to a security technology that uses hardware virtualization to...