Outline:
1. Introduction
2. What is Device Guard
3. VBA Bypass
4. Using Trusted Documents
5. Excel for Macros
6. Alternative Shellcode Runner
7. Active Script
8. Active Script Consumer
9. MSXML
10. Access Transform XML
11. Create Object Method
12. Cold Stacks
13. Scriptlets
14. Class ID
15. Register
16. Patched
17. Bypass
18. Alternative execution vectors
19. Detecting
20. Outro
Description:
Explore advanced techniques for bypassing Windows 10's Device Guard security feature in this 43-minute conference talk from Hack in Paris. Dive deep into the internals of Device Guard, also known as Windows Defender Application Control (WDAC), and discover various methods to subvert its protection in different contexts. Learn about new execution techniques, accidental AMSI bypasses, and other intriguing security insights. Examine rarely discussed and novel bypass methods, including those requiring admin access, Microsoft Office (without user interaction), and even low-privilege techniques using only native OS executables. Gain a comprehensive understanding of how Device Guard is implemented across various contexts, and explore the inner workings of Windows scripting engines and their host processes to grasp how certain techniques can circumvent this security measure.
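Before reasoning about any of the bypasses above, a practitioner needs to know what the host actually enforces and where the evidence of a blocked script or COM object lands. The following PowerShell is an added example, not code from the talk or its speaker: it reads the Win32_DeviceGuard WMI class for the user-mode and kernel-mode code integrity enforcement state, then pulls the recent Code Integrity and script/COM enforcement events. The class and property names are the documented ones for Windows 10 1709 and later; the event ID mapping (3076/3077, 8028/8029/8036) is stated from memory and should be verified against Microsoft's WDAC event documentation before being used in a detection rule.

```powershell
# Added example (not from the talk): check whether Device Guard / WDAC code
# integrity is enforced on this host, then list recent enforcement events.
# Run in an elevated PowerShell on Windows 10 (1709+ for the user-mode property).

# 1. Policy state. Win32_DeviceGuard reports enforcement as 0 = off, 1 = audit, 2 = enforced.
$dg = Get-CimInstance -Namespace 'root\Microsoft\Windows\DeviceGuard' -ClassName Win32_DeviceGuard
$statusNames = @{ 0 = 'Off'; 1 = 'Audit'; 2 = 'Enforced' }
"User-mode code integrity:   $($statusNames[[int]$dg.UsermodeCodeIntegrityPolicyEnforcementStatus])"
"Kernel-mode code integrity: $($statusNames[[int]$dg.CodeIntegrityPolicyEnforcementStatus])"

$since = (Get-Date).AddDays(-7)

# 2. Code Integrity events: 3076 = would have been blocked (audit), 3077 = blocked (enforced).
$ciEvents = Get-WinEvent -FilterHashtable @{
    LogName   = 'Microsoft-Windows-CodeIntegrity/Operational'
    Id        = 3076, 3077
    StartTime = $since
} -ErrorAction SilentlyContinue

# 3. Script host and COM enforcement events, which is where the scripting-engine
#    techniques in this talk would surface: 8028 = script audit, 8029 = script blocked,
#    8036 = COM object blocked. Assumed mapping; verify against Microsoft's WDAC docs.
$scriptEvents = Get-WinEvent -FilterHashtable @{
    LogName   = 'Microsoft-Windows-AppLocker/MSI and Script'
    Id        = 8028, 8029, 8036
    StartTime = $since
} -ErrorAction SilentlyContinue

# Get-WinEvent returns nothing (and an error we suppressed) when a log has no matches,
# so wrap both results in arrays before joining them.
@($ciEvents) + @($scriptEvents) |
    Sort-Object TimeCreated -Descending |
    Select-Object TimeCreated, Id, ProviderName,
        @{ Name = 'Summary'; Expression = { ($_.Message -split "`n")[0] } } |
    Format-Table -AutoSize
```

If both properties report Off, none of the bypasses in the outline are being tested against anything; Audit mode produces the 3076/8028 events without blocking, which is the state to use when checking whether a given technique would have been caught.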

Sneaking Past Device Guard - Philip Tsukerman - Hack in Paris - 2019
