Installation
Install it from the Microsoft Store: https://apps.microsoft.com/detail/9png1jddtgp8
What's New
Introducing Firewall Sentinel
- It is an advanced security feature designed to harden the Windows Firewall by leveraging App ID Tagging, a feature of Windows Defender Application Control. Unlike traditional firewall rules that rely on file paths, which can be easily spoofed, Firewall Sentinel links network permissions directly to cryptographic signatures and trusted policies. This ensures that only verified, signed, and reputable applications can access the network, significantly reducing the attack surface for malware and unauthorized data exfiltration.
- Firewall Sentinel offers deep visibility into network activity through its Blocked Packets Log and Real-Time Monitor. This section allows administrators to investigate dropped packets with granular detail, including source/destination IPs, ports, protocols, and process IDs. It also integrates direct control over Windows Audit Policies, enabling users to toggle Packet Drop Auditing on the fly to diagnose connectivity issues or track potential intrusion attempts live.
Note
Documentation available here: https://github.com/HotCakeX/Harden-Windows-Security/wiki/Firewall-Sentinel
Other Changes
- You can now assign policies from the Sidebar's Policies Library to the Simulation page.
- Dependencies have been updated to their latest versions and 3 dependencies have been removed, improving performance and the overall supply chain security.
- In the Event Logs policy creation page, if you've selected file paths for EVTX files, they will no longer be cleared after the scan has been completed.
- Fixed an issue with AppLocker logs not being parsed correctly: #1041
- The design of the Policies Library on the Sidebar has been improved to make it easier to use in very narrow widths. As a reminder, it is resizable and you can drag its edge to resize it.
PRs
How to verify the MSIXBundle's authenticity:
gh attestation verify "Path To MSIXBundle" --repo HotCakeX/Harden-Windows-Security --format json
You can install the GitHub CLI from Winget:
winget install --id GitHub.cli
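The verification step above, wrapped in a script that treats the exit code as the verdict and cross-checks the attested digest against the local file. This is an added example, not part of the project's own tooling; the script parameters are hypothetical, and the JSON field names (`verificationResult.statement.subject`, `signature.certificate.sourceRepositoryURI`) are assumed from the GitHub CLI's `--format json` output.

```powershell
# Added example: wraps the 'gh attestation verify' command shown above.
# -BundlePath is a placeholder; point it at the MSIXBundle you downloaded.
param(
    [Parameter(Mandatory)][string]$BundlePath,
    [string]$Repo = 'HotCakeX/Harden-Windows-Security'
)

if (-not (Get-Command gh -ErrorAction SilentlyContinue)) {
    throw 'GitHub CLI not found. Install it with: winget install --id GitHub.cli'
}

$File = Get-Item -LiteralPath $BundlePath -ErrorAction Stop

# gh exits non-zero when no valid attestation from the repository matches the
# file, so the exit code is the primary pass/fail signal.
$Json = & gh attestation verify $File.FullName --repo $Repo --format json
if ($LASTEXITCODE -ne 0) {
    throw "Attestation verification FAILED for '$($File.Name)' (gh exit code $LASTEXITCODE). Do not install this file."
}

# Hash the file locally so the report shows exactly which bytes were verified.
$LocalHash = (Get-FileHash -LiteralPath $File.FullName -Algorithm SHA256).Hash.ToLowerInvariant()

# Assumed layout: a JSON array with one entry per verified attestation.
$Results = $Json | Out-String | ConvertFrom-Json

foreach ($Result in $Results) {
    $Statement = $Result.verificationResult.statement

    # The in-toto statement lists the artifact digests the attestation covers.
    $Subject = $Statement.subject | Where-Object { $_.digest.sha256 -eq $LocalHash }
    if (-not $Subject) {
        throw "Attestation does not list SHA256 $LocalHash as a subject."
    }

    [pscustomobject]@{
        File             = $File.Name
        SHA256           = $LocalHash
        AttestedName     = ($Subject | Select-Object -First 1).name
        PredicateType    = $Statement.predicateType
        SourceRepository = $Result.verificationResult.signature.certificate.sourceRepositoryURI
    }
}
```

Run it before installing a bundle obtained outside the Microsoft Store; any thrown error means the file should not be trusted.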
