Skip to content

Microsoft Edge Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • SRG-APP-000141

    <GroupDescription></GroupDescription>
    Group
  • Personalization of ads, search, and news by sending browsing history to Microsoft must be disabled.

    &lt;VulnDiscussion&gt;This policy prevents Microsoft from collecting a user's Microsoft Edge browsing history to be used for personalizing advertis...
    Rule Medium Severity
  • SRG-APP-000141

    <GroupDescription></GroupDescription>
    Group
  • SRG-APP-000080

    <GroupDescription></GroupDescription>
    Group
  • Browser history must be saved.

    &lt;VulnDiscussion&gt;This setting disables deleting browser history and download history and prevents users from changing this setting.&lt;/VulnDi...
    Rule Medium Severity
  • SRG-APP-000141

    <GroupDescription></GroupDescription>
    Group
  • Edge development tools must be disabled.

    &lt;VulnDiscussion&gt;While the risk associated with browser development tools is more related to the proper design of a web application, a risk ve...
    Rule Low Severity
  • SRG-APP-000141

    <GroupDescription></GroupDescription>
    Group
  • Download restrictions must be configured.

    &lt;VulnDiscussion&gt;Configure the type of downloads that Microsoft Edge completely blocks, without letting users override the security decision. ...
    Rule Low Severity
  • SRG-APP-000378

    <GroupDescription></GroupDescription>
    Group
  • URLs must be whitelisted for plugin use if used.

    &lt;VulnDiscussion&gt;Define a list of sites, based on URL patterns that can open pop-up windows.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/...
    Rule Low Severity
  • SRG-APP-000141

    <GroupDescription></GroupDescription>
    Group
  • Extensions installation must be blocklisted by default.

    &lt;VulnDiscussion&gt;List specific extensions that users cannot install in Microsoft Edge. When this policy is deployed, any extensions on this li...
    Rule Medium Severity
  • SRG-APP-000386

    <GroupDescription></GroupDescription>
    Group
  • Extensions that are approved for use must be allowlisted if used.

    &lt;VulnDiscussion&gt;By default, all extensions are allowed. However, if all extensions are blocked by setting the "ExtensionInstallBlockList" pol...
    Rule Low Severity
  • SRG-APP-000400

    <GroupDescription></GroupDescription>
    Group
  • The Password Manager must be disabled.

    &lt;VulnDiscussion&gt;Enable Microsoft Edge to save user passwords. If this policy is enabled, users can save their passwords in Microsoft Edge. T...
    Rule Medium Severity
  • SRG-APP-000456

    <GroupDescription></GroupDescription>
    Group
  • The version of Microsoft Edge running on the system must be a supported version.

    &lt;VulnDiscussion&gt;Security flaws with software applications are discovered daily. Vendors are constantly updating and patching their products t...
    Rule High Severity
  • SRG-APP-000560

    <GroupDescription></GroupDescription>
    Group

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules