[longtom]

It looks like AppLocker is available in Windows Pro, however not configurable via GPOs: https://msendpointmgr.com/2020/09/20/does-applocker-work-in-...

Is anyone aware of a tool that simplifies setting up AppLocker? I simply would like to whitelist already installed programs and block everything else, ideally without configuring anything.

[jve]

I opened up the article by just hoping to find this one thing: I simply would like to whitelist already installed programs and block everything else, ideally without configuring anything.

That would really simplify things

[FoolishTech]

by default %programfiles% and %programfiles(x86)% are whitelisted, so for most users pretty much that's exactly what they will do with Lockdown, launch it click Enable and that is all that needs to be done. Granted you do need to worry about specifically whitelisting programs not installed to those locations, which are few if any for most people, and actually it wouldn't be a bad feature idea to add an automatic scan for them since some apps insist on running from nested %appdata% folders...

[GaveDrohl]

What stops someone from installing a virus to those locations so that they're automatically whitelisted?