Microsoft Edge Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
SRG-APP-000141
Group -
SRG-APP-000039
Group -
User control of proxy settings must be disabled.
This action configures the proxy settings for Microsoft Edge. If this policy is enabled, Microsoft Edge ignores all proxy-related options specified from the command line. If this policy is not co...Rule Low Severity -
Bypassing of Microsoft Defender SmartScreen warnings about downloads must be disabled.
This policy setting allows a decision to be made on whether users can override Microsoft Defender SmartScreen warnings about unverified downloads. If this setting is enabled, users cannot ignore M...Rule Medium Severity -
The list of domains for which Microsoft Defender SmartScreen will not trigger warnings must be allowlisted if used.
Configure the list of Microsoft Defender SmartScreen trusted domains. This means Microsoft Defender SmartScreen will not check for potentially malicious resources, such as phishing software and oth...Rule Low Severity -
The default search provider must be set to use an encrypted connection.
Allows a list of list of up to 10 search engines to be configured, one of which must be marked as the default search engine. The encoding does not need to be specified. Starting in Microsoft Edge 8...Rule Medium Severity -
Network prediction must be disabled.
Enables network prediction and prevents users from changing this setting. This controls DNS prefetching, TCP and SSL pre-connection, and pre-rendering of web pages. If this policy is not configur...Rule Medium Severity -
Importing of browsing history must be disabled.
Allows users to import their browsing history from another browser into Microsoft Edge. If this policy is enabled, the Browsing history check box is automatically selected in the Import browser da...Rule Medium Severity -
Importing of open tabs must be disabled.
Allows users to import open and pinned tabs from another browser into Microsoft Edge. If this policy is enabled, the Open tabs check box is automatically selected in the Import browser data dialog...Rule Medium Severity -
AutoplayAllowed must be set to disabled.
This policy sets the media autoplay policy for websites. The default setting "Not configured" respects the current media autoplay settings and lets users configure their autoplay settings. Settin...Rule Medium Severity -
Online revocation checks must be performed.
If you enable this policy, Microsoft Edge will perform soft-fail, online OCSP/CRL checks. "Soft fail" means that if the revocation server can't be reached, the certificate will be considered valid....Rule Medium Severity -
Personalization of ads, search, and news by sending browsing history to Microsoft must be disabled.
This policy prevents Microsoft from collecting a user's Microsoft Edge browsing history to be used for personalizing advertising, search, news and other Microsoft services. This setting is only av...Rule Medium Severity -
Extensions installation must be blocklisted by default.
List specific extensions that users cannot install in Microsoft Edge. When this policy is deployed, any extensions on this list that were previously installed will be disabled, and the user will no...Rule Medium Severity -
Microsoft Defender SmartScreen must be enabled.
This policy setting configures Microsoft Defender SmartScreen, which provides warning messages to help protect users from potential phishing scams and malicious software. By default, Microsoft Def...Rule Medium Severity -
Microsoft Defender SmartScreen must be configured to block potentially unwanted apps.
This policy setting configures blocking for potentially unwanted apps with Microsoft Defender SmartScreen. Potentially unwanted app blocking with Microsoft Defender SmartScreen provides warning mes...Rule Medium Severity -
A website's ability to query for payment methods must be disabled.
This setting determines whether websites can check if the user has payment methods saved. If this policy is disabled, websites that use "PaymentRequest.canMakePayment" or "PaymentRequest.hasEnroll...Rule Medium Severity -
Suggestions of similar web pages in the event of a navigation error must be disabled.
This setting allows Microsoft Edge to issue a connection to a web service to generate URL and search suggestions for connectivity issues such as DNS errors. If this policy is enabled, a web servic...Rule Medium Severity -
The built-in DNS client must be disabled.
This setting controls whether to use the built-in DNS client. This does not affect which DNS servers are used; it only controls the software stack that is used to communicate with them. For exampl...Rule Medium Severity -
Importing of cookies must be disabled.
Allows users to import cookies from another browser into Microsoft Edge. If this policy is disabled, cookies are not imported on first run. If this policy is not configured, cookies are imported ...Rule Medium Severity -
SRG-APP-000141
Group
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.