Updated cheat sheet: Removed EMET and added new recommendations. (#1602)

OWASP · Feb 2, 2025 · aa6907b · aa6907b
1 parent 7224e93
commit aa6907b
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 2 deletions.
diff --git a/cheatsheets/C-Based_Toolchain_Hardening_Cheat_Sheet.md b/cheatsheets/C-Based_Toolchain_Hardening_Cheat_Sheet.md
@@ -648,6 +648,10 @@ Visual Studio offers a number of debugging aids for use during development. The
 
 ![Windows1](../assets/C-Based_Toolchain_Hardening_Windows1.png)
 
-Finally, for runtime hardening, Microsoft has a helpful tool called EMET. EMET is the [Enhanced Mitigation Experience Toolkit](https://en.wikipedia.org/wiki/Enhanced_Mitigation_Experience_Toolkit), and allows you to apply runtime hardening to an executable which was built without it. It's very useful for utilities and other programs that were built without an SDLC.
+Finally, for runtime hardening, Microsoft provides **Windows Defender Exploit Guard** and the **Process Mitigation Management Tool**.  
+[Windows Defender Exploit Guard](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-exploit-guard/exploit-protection) replaces EMET and offers advanced exploit protection features.  
 
-![Windows2](../assets/C-Based_Toolchain_Hardening_Windows2.png)
+Additionally, the [Process Mitigation Management Tool](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-exploit-guard/customize-exploit-protection) (`ProcessMitigations` module) allows administrators to configure exploit mitigation policies via PowerShell and Group Policy.
+
+![Windows2](exploit-protection-guard.png)
+  
diff --git a/exploit-protection-guard.png b/exploit-protection-guard.png