Okay so funny story, I needed to spin up a non enterprise windows VM with defender disabled for testing and got to experience the horror of local group policy not actually applying the disable setting because Microsoft disabled the functionality without telling anyone.
And then I learned you can no longer disable defender on non domain joined systems without downloading a perma disable tool.
Otherwise group policy looks so cool until you run Bloodhound and realize you’ve created a security nuke lmao.
Okay so funny story, I needed to spin up a non enterprise windows VM with defender disabled for testing and got to experience the horror of local group policy not actually applying the disable setting because Microsoft disabled the functionality without telling anyone.
And then I learned you can no longer disable defender on non domain joined systems without downloading a perma disable tool.
Otherwise group policy looks so cool until you run Bloodhound and realize you’ve created a security nuke lmao.
Thank God we have Linux