Here's how it looks like:  https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/attack-surface-reduction#:~:text=4637%2Dbb3f%2Da12568109d35-,Block%20credential%20stealing%20from%20the%20Windows%20local%20security%20authority%20subsystem,Authority%20Subsystem%20Service%20(LSASS).&text=Microsoft%20Defender%20Credential%20Guard%20in,to%20extract%20credentials%20from%20LSASS. > In some apps, the code enumerates all running processes and attempts to open them with exhaustive permissions. Check if we can do it without triggering that warning.
Here's how it looks like:
https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/attack-surface-reduction#:~:text=4637%2Dbb3f%2Da12568109d35-,Block%20credential%20stealing%20from%20the%20Windows%20local%20security%20authority%20subsystem,Authority%20Subsystem%20Service%20(LSASS).&text=Microsoft%20Defender%20Credential%20Guard%20in,to%20extract%20credentials%20from%20LSASS.
Check if we can do it without triggering that warning.