Skip to content

TechDirectArchive

Hands-on IT, Cloud, Security, Veeam & DevOps

  • Home
  • About
  • Advertise With US
  • Contact
  • Reviews
  • Toggle search form

How to enable Smart App Control on Windows 11

Posted on 15/12/202222/03/2023 IT Expert By IT Expert No Comments on How to enable Smart App Control on Windows 11
  1. Home
  2. Security | Vulnerability Scans and Assessment
  3. How to enable Smart App Control on Windows 11
WindowsCoreSecurity

Smart App Control (SAC) adds significant protection from new and emerging threats by blocking apps that are malicious or untrusted. Smart App Control also helps to block potentially unwanted apps. These are apps that may cause your device to run slowly, display unexpected ads, and offer extra software you didn’t want. Or do other things you don’t expect. SAC works alongside your other security software, such as Microsoft Defender or non-Microsoft antivirus tools, for added protection. In this article, you will learn How to enable Smart App Control and Reputation-Based Protection in Windows 11. Kindly refer to these related guides. Enable or Disable Core Isolation Memory Integrity in Windows 10 and Windows 11, and how to fix an account with the same name exists in Active Directory, re-using the account was blocked by a security policy.

Note: Smart App Control can be used on new Windows 11 installs only. It was introduced in Windows 11 22H2. If you received it as part of a Windows update on an already running device you won’t be able to turn it on unless you reset your PC or re-install Windows.

It will interest you to know that Smart App Control was introduced in Windows 11 to complement Microsoft Defender’s and other security features like SmartScreen or Controlled Folder Access etc., thereby providing improved protection against untrusted Apps and adding a protective layer against ransomware. Please here is an interesting guide on how to clear Cache and Manually Update Microsoft Defender.

How Does Smart App Control Work?

When you try to run an app on Windows, Smart App Control will check to see if our intelligent cloud-powered security service can make a confident prediction about its safety. When the service believes the app to be safe, Smart App Control will let it run. If the app is believed to be malicious or potentially unwanted, then Smart App Control will block it.

When the security service is unable to make a confident prediction about the app, then Smart App Control checks to see if the app has a valid signature. If the app has a valid signature, Smart App Control will let it run. If the app is unsigned, or the signature is invalid, Smart App Control will consider it untrusted and block it for your protection.

To view the Smart App Control settings, navigate to Settings > Privacy and security > Windows Security
image-9

This will open the Windows Security Protection areas. Click on App & browser control as shown below.

image-10

Click on Smart app control settings. I am sorry, this is in German. To my German readers, this is great right?!

image-11

SAC Settings options

As you can see below, Smart App control (SAC) is currently deactivated. Under Smart App Control Settings, the following options are available:

  • On: It will block malicious and untrusted apps. This means the evaluation process has considered Smart App Control safe to run on the end-user system and will not get in the way of legitimate processes and procedures.
  • Evaluation: In this learning mode (audit” mode), the feature will evaluate if the app disturbs you too much, and if so, will block it in the future. The system will then automatically transition to on mode. Therefore, a system in evaluation mode will not block any applications. If the process finds apps that are not good candidates for Smart App Control or that Smart App Control may cause issues, the solution is turned off.
  • Off: If it is Off, then the feature cannot be turned on without reinstalling Windows. If Smart App Control interferes with legitimate processes or services, it will be turned off.
image-12

Why is the Smart App Control deactivated?

Smart App Control is only available on clean installs of Windows 11. If you have a clean install of Windows 11, these other reasons could be a factor why Smart App Control could be turned off.

  • During evaluation mode, we determined that you weren’t a good candidate for Smart App Control.
  • It was turned off manually by you or another user signed into your machine.
  • You have optional diagnostic data in Windows turned off. If you want to turn Smart App Control on, you’ll need to reset this PC, or reinstall Windows, and select Send optional diagnostic data during the setup process.

You may want to re-install Windows 11 thereby making this feature available to you. Kindly refer to these suggested guides: You can also turn On or Off Smart App Control using the Windows registry file.

Why am I unable to return to Evaluation mode for Smart App Control?

If the Evaluation mode period is over or you manually turned Smart App Control ON or OFF, then you will not be able to return to the evaluation mode directly. However, if you reinstall the operating system, you might return to Evaluation mode for Smart App Control. Here are some related guides on Windows installation: How to install Windows 11 on HyperV, how to install Windows 11 in Oracle VirtualBox with no TPM Support, and how to Install Windows Admin Center on Windows 10 and Windows 11.

I hope you found this blog post helpful. Now, you have learned how to enable Smart App Control and Reputation-Based Protection in Windows 11. If you have any questions, please let me know in the comment session.

Rate this post

Thank you for reading this post. Kindly share it with others.

  • Share on X (Opens in new window) X
  • Share on Reddit (Opens in new window) Reddit
  • Share on LinkedIn (Opens in new window) LinkedIn
  • Share on Facebook (Opens in new window) Facebook
  • Share on Pinterest (Opens in new window) Pinterest
  • Share on Tumblr (Opens in new window) Tumblr
  • Share on Telegram (Opens in new window) Telegram
  • Share on WhatsApp (Opens in new window) WhatsApp
  • Share on Mastodon (Opens in new window) Mastodon
  • Share on Bluesky (Opens in new window) Bluesky
  • Share on Threads (Opens in new window) Threads
  • Share on Nextdoor (Opens in new window) Nextdoor
Security | Vulnerability Scans and Assessment, Windows Tags:Microsoft Windows, Windows 10, Windows 11

Post navigation

Previous Post: Enable or disable Core Isolation Memory Integrity in Windows 10 and 11
Next Post: Enable or disable Reputation-Based Protection on Windows 10 and 11

Related Posts

  • iso10
    Mount an ISO image in Windows 10 and 11 Windows
  • win10 usb
    How to prevent installation of removable devices Windows
  • image 37
    There was an error opening the Trusted Platform Module snap-in: You do not have permission to open the Trusted Platform Module Console Windows
  • jmeterimage
    Apache JMeter Load Testing: Test Mobile Apps on Windows Configuration Management Tool
  • Virtual Desktop
    Add and Remove Multiple Virtual Desktops in Windows Windows
  • logon failure and requested session denied
    Logon Failure: User has not been granted the requested logon type Windows

More Related Articles

iso10 Mount an ISO image in Windows 10 and 11 Windows
win10 usb How to prevent installation of removable devices Windows
image 37 There was an error opening the Trusted Platform Module snap-in: You do not have permission to open the Trusted Platform Module Console Windows
jmeterimage Apache JMeter Load Testing: Test Mobile Apps on Windows Configuration Management Tool
Virtual Desktop Add and Remove Multiple Virtual Desktops in Windows Windows
logon failure and requested session denied Logon Failure: User has not been granted the requested logon type Windows

Leave a Reply Cancel reply

You must be logged in to post a comment.

Microsoft MVP

VEEAMLEGEND

vexpert-badge-stars-5

Virtual Background

GoogleNews

Categories

veeaam100

Veeam Vanguard

  • Windows Logo
    Restrict IP Address Range on Windows PC Windows
  • Security updated something did not go well as planned
    Something did not go well as planned: Windows Security update fails to install Windows
  • Fatal Refusing to Merge
    How to Fix Fatal Git Error Refusing to Merge Unrelated Histories Version Control System
  • S3 Bucket
    Access AWS Management Console and Create Resources with AWS CLI on Windows AWS/Azure/OpenShift
  • Enable autologon and autostart for user session
    Enable Autologon and Autostart for user session Windows
  • dd featured 1
    How to delete obsolete drivers from the Driver Store in Windows Windows
  • configure kerberos
    Configure Kerberos Delegation in Windows Windows
  • screenshot 2020 04 02 at 23.27.20
    Cloud Protection Manager: N2WS Veeam CPM Guide Backup

Subscribe to Blog via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 1,784 other subscribers
  • RSS - Posts
  • RSS - Comments
  • About
  • Authors
  • Write for us
  • Advertise with us
  • General Terms and Conditions
  • Privacy policy
  • Feedly
  • Telegram
  • Youtube
  • Facebook
  • Instagram
  • LinkedIn
  • Tumblr
  • Pinterest
  • Twitter
  • mastodon

Tags

Active Directory Azure Bitlocker Microsoft Windows PowerShell WDS Windows 10 Windows 11 Windows Deployment Services Windows Server 2016

Copyright © 2025 TechDirectArchive

Loading Comments...

You must be logged in to post a comment.