Get-ProcessMitigation

Gets the current process mitigation settings, either from the registry, from a running process, or saves all to a XML.

Syntax

Get-ProcessMitigation
   [-FullPolicy]
   [<CommonParameters>]
Get-ProcessMitigation
   [-Name] <String>
   [-RunningProcesses]
   [<CommonParameters>]
Get-ProcessMitigation
   [-Id] <Int32[]>
   [<CommonParameters>]
Get-ProcessMitigation
   [-RegistryConfigFilePath <String>]
   [<CommonParameters>]
Get-ProcessMitigation
   [-System]
   [<CommonParameters>]

Description

Gets all process mitigation settings either by process name (either running or from -Registry), or by process ID. Can also save all settings to an XML file.

Examples

Example 1

PS C:\> Get-ProcessMitigation -Name notepad.exe -RunningProcess

Gets the current settings on all running instances of notepad.exe

Example 2

PS C:\> Get-ProcessMitigation -Name notepad.exe

Gets the current settings in the registry for notepad.exe

Example 3

PS C:\> Get-ProcessMitigation -Id 1304

Gets the current settings for the running process with pid 1304

Example 4

PS C:\> Get-ProcessMitigation -RegistryConfigFilePath settings.xml

Gets the all process mitigation settings from the registry and saves them to the xml file settings.xml

Example 5

PS C:\> Get-ProcessMitigation -FullPolicy

Gets all policies for all processes set in the registry.

Example 6

PS C:\> Get-ProcessMitigation -System

Gets the current system process mitigation defaults stored in the registry.

Example 7

PS C:\> Get-Process notepad | Get-ProcessMitigation

Gets the current process mitigation settings for all running instances of notepad.exe

Parameters

-FullPolicy

Returns every processes' current mitigation settings in the registry

Type:SwitchParameter
Aliases:f
Position:Named
Default value:False
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Id

Process Id to retrieve current running process mitigation settings from

Type:Int32[]
Position:0
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-Name

{Current process name to get current running (Or from registry) process mitigation settings from one (Can be more than one instance)

Type:String
Aliases:n
Position:0
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-RegistryConfigFilePath

File to save the current registry process mitigation configuration to

Type:String
Aliases:o
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-RunningProcesses

Pull the current process mitigation settings from a running instance instead of the registry.

Type:SwitchParameter
Aliases:r
Position:Named
Default value:False
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-System

Pulls the current system defaults for process mitigations.

Type:SwitchParameter
Aliases:s
Position:Named
Default value:False
Required:False
Accept pipeline input:False
Accept wildcard characters:False

Inputs

Int32[]

Outputs

Object