Microsoft Edge Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
Online revocation checks must be performed.
<VulnDiscussion>If you enable this policy, Microsoft Edge will perform soft-fail, online OCSP/CRL checks. "Soft fail" means that if the revoc...Rule Medium Severity -
SRG-APP-000141
<GroupDescription></GroupDescription>Group -
Importing of cookies must be disabled.
<VulnDiscussion>Allows users to import cookies from another browser into Microsoft Edge. If this policy is disabled, cookies are not importe...Rule Medium Severity -
SRG-APP-000141
<GroupDescription></GroupDescription>Group -
Importing of extensions must be disabled.
<VulnDiscussion>Allows users to import extensions from another browser into Microsoft Edge. If this policy is enabled, the Extensions check ...Rule Medium Severity -
SRG-APP-000141
<GroupDescription></GroupDescription>Group -
SRG-APP-000141
<GroupDescription></GroupDescription>Group -
SRG-APP-000073
<GroupDescription></GroupDescription>Group -
Bypassing Microsoft Defender SmartScreen prompts for sites must be disabled.
<VulnDiscussion>This policy setting allows a decision to be made on whether users can override the Microsoft Defender SmartScreen warnings ab...Rule Medium Severity -
SRG-APP-000073
<GroupDescription></GroupDescription>Group -
Bypassing of Microsoft Defender SmartScreen warnings about downloads must be disabled.
<VulnDiscussion>This policy setting allows a decision to be made on whether users can override Microsoft Defender SmartScreen warnings about ...Rule Medium Severity -
SRG-APP-000073
<GroupDescription></GroupDescription>Group -
The list of domains for which Microsoft Defender SmartScreen will not trigger warnings must be allowlisted if used.
<VulnDiscussion>Configure the list of Microsoft Defender SmartScreen trusted domains. This means Microsoft Defender SmartScreen will not chec...Rule Low Severity -
SRG-APP-000080
<GroupDescription></GroupDescription>Group -
InPrivate mode must be disabled.
<VulnDiscussion>This setting specifies whether the user can open pages in InPrivate mode in Microsoft Edge. If this policy is not configured...Rule Medium Severity -
SRG-APP-000141
<GroupDescription></GroupDescription>Group -
Background processing must be disabled.
<VulnDiscussion>Background processing allows Microsoft Edge processes to start at OS sign-in and keep running after the last browser window i...Rule Medium Severity -
SRG-APP-000141
<GroupDescription></GroupDescription>Group -
The ability of sites to show pop-ups must be disabled.
<VulnDiscussion>Set whether websites can show pop-up windows. Pop-ups can be allowed on all websites ("AllowPopups") or blocked on all sites ...Rule Medium Severity -
SRG-APP-000141
<GroupDescription></GroupDescription>Group
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.