From 974e38c6f3eafa70694c22991425f9200ebeb96a Mon Sep 17 00:00:00 2001
From: Tommy <contact@tommytran.io>
Date: Tue, 21 Nov 2023 09:57:22 -0700
Subject: [PATCH] MAPS

Signed-off-by: Tommy <contact@tommytran.io>
---
 .../Windows Components/Microsoft Defender Antivirus.md       | 5 +++++
 1 file changed, 5 insertions(+)
 create mode 100644 Group Policies/Computer Configuration/Windows Components/Microsoft Defender Antivirus.md

diff --git a/Group Policies/Computer Configuration/Windows Components/Microsoft Defender Antivirus.md b/Group Policies/Computer Configuration/Windows Components/Microsoft Defender Antivirus.md
new file mode 100644
index 0000000..cfe594c
--- /dev/null
+++ b/Group Policies/Computer Configuration/Windows Components/Microsoft Defender Antivirus.md	
@@ -0,0 +1,5 @@
+# Microsoft Defender Antivirus
+
+Microsoft Defender Antivirus MAPS is an interesting case. You should configure it depending on your threat model, and treat it like SmartScreen. We will disable automatic sample submission regardless because that could be privacy invasive.
+
+- Send file samples when further analysis is required -> Enabled -> Never send
\ No newline at end of file