Microsoft Edge Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
Online revocation checks must be performed.
If you enable this policy, Microsoft Edge will perform soft-fail, online OCSP/CRL checks. "Soft fail" means that if the revocation server can't be reached, the certificate will be considered valid....Rule Medium Severity -
Personalization of ads, search, and news by sending browsing history to Microsoft must be disabled.
This policy prevents Microsoft from collecting a user's Microsoft Edge browsing history to be used for personalizing advertising, search, news and other Microsoft services. This setting is only av...Rule Medium Severity -
Extensions installation must be blocklisted by default.
List specific extensions that users cannot install in Microsoft Edge. When this policy is deployed, any extensions on this list that were previously installed will be disabled, and the user will no...Rule Medium Severity -
Microsoft Defender SmartScreen must be enabled.
This policy setting configures Microsoft Defender SmartScreen, which provides warning messages to help protect users from potential phishing scams and malicious software. By default, Microsoft Def...Rule Medium Severity -
Microsoft Defender SmartScreen must be configured to block potentially unwanted apps.
This policy setting configures blocking for potentially unwanted apps with Microsoft Defender SmartScreen. Potentially unwanted app blocking with Microsoft Defender SmartScreen provides warning mes...Rule Medium Severity -
A website's ability to query for payment methods must be disabled.
This setting determines whether websites can check if the user has payment methods saved. If this policy is disabled, websites that use "PaymentRequest.canMakePayment" or "PaymentRequest.hasEnroll...Rule Medium Severity -
Suggestions of similar web pages in the event of a navigation error must be disabled.
This setting allows Microsoft Edge to issue a connection to a web service to generate URL and search suggestions for connectivity issues such as DNS errors. If this policy is enabled, a web servic...Rule Medium Severity -
The built-in DNS client must be disabled.
This setting controls whether to use the built-in DNS client. This does not affect which DNS servers are used; it only controls the software stack that is used to communicate with them. For exampl...Rule Medium Severity -
Importing of cookies must be disabled.
Allows users to import cookies from another browser into Microsoft Edge. If this policy is disabled, cookies are not imported on first run. If this policy is not configured, cookies are imported ...Rule Medium Severity -
SRG-APP-000141
Group
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.