Inferensys

Glossary

Credential Guard

A Windows virtualization-based security feature that isolates user credentials in a protected virtualized environment, preventing credential theft attacks like Pass-the-Hash.
Data engineer managing feature store on laptop, feature definitions visible, casual data engineering session.
VIRTUALIZATION-BASED SECURITY

What is Credential Guard?

Credential Guard is a Windows security feature that uses virtualization-based security (VBS) to isolate and protect user login credentials, preventing common credential theft attacks.

Credential Guard is a virtualization-based security (VBS) feature that isolates the Local Security Authority (LSA) subsystem process, storing cached domain credentials and secrets in a protected virtualized container inaccessible to the rest of the operating system. By leveraging the hypervisor to create a secure memory enclave, it prevents malware running with SYSTEM privileges from extracting hashed credentials or Kerberos tickets.

This protection directly mitigates Pass-the-Hash (PtH) and Pass-the-Ticket attacks by ensuring that even if an attacker compromises the kernel, they cannot dump the NT hash or TGT session key from the isolated LSAIso.exe process. Credential Guard requires hardware support including a 64-bit CPU with virtualization extensions, SLAT, and a TPM 2.0 for secure key protection.

Virtualization-Based Security

Key Features of Credential Guard

Credential Guard leverages hardware virtualization and Virtualization-Based Security (VBS) to isolate secrets, preventing the most common credential theft attack vectors.

01

Hardware-Isolated LSA Protection

Credential Guard moves the Local Security Authority (LSA) process into a separate, isolated virtual machine called the Isolated LSA (LSAIso). This prevents malware running with SYSTEM privileges in the host OS from reading process memory or injecting code to dump hashes. The isolated environment is protected by Second Level Address Translation (SLAT) and I/O MMU virtualization extensions.

02

Kerberos Ticket Shielding

All Kerberos ticket-granting tickets (TGTs) and NTLM hashes are stored exclusively within the isolated LSAIso process. Even if an attacker compromises the host kernel, they cannot extract these secrets because the isolated environment does not share memory pages with the normal operating system. This directly defeats Pass-the-Hash (PtH) and Pass-the-Ticket attacks.

03

Trustlet Execution Model

The isolated LSA runs as a trustlet—a small, purpose-built binary executing in Virtual Secure Mode (VSM). Trustlets have a minimal attack surface and communicate with the host OS only through a strictly defined, cryptographically secured RPC channel. This architecture prevents unauthorized code execution within the secure boundary.

04

Secrets Unsealing via TPM

Credentials stored by Credential Guard are encrypted and sealed to the identity of the machine using the Trusted Platform Module (TPM). The TPM measures the boot chain integrity into Platform Configuration Registers (PCRs). If the boot process is tampered with, the PCR values change, and the TPM refuses to unseal the decryption keys, rendering stolen vault files useless offline.

05

Defense Against Mimikatz & DCSync

Credential Guard blocks the primary techniques used by tools like Mimikatz to extract credentials. It prevents reading the LSASS process memory, blocks the WDigest protocol from storing plaintext passwords, and restricts the MSV1_0 authentication package. It also mitigates DCSync attacks by protecting domain controller replication secrets when enabled on domain controllers.

06

Hypervisor-Enforced Code Integrity (HVCI)

Credential Guard is often deployed alongside HVCI, also known as Memory Integrity. HVCI runs inside the same VSM environment and validates that all kernel-mode drivers and binaries are signed and have not been tampered with before allowing them to execute. This prevents rootkits and kernel exploits from disabling Credential Guard's protections.

CREDENTIAL GUARD SECURITY

Frequently Asked Questions

Explore the most common questions about Windows Credential Guard, its architecture, and how it defends against credential theft attacks in enterprise environments.

Credential Guard is a Virtualization-Based Security (VBS) feature introduced in Windows 10 Enterprise and Windows Server 2016 that isolates user credentials in a protected virtualized environment, preventing credential theft attacks like Pass-the-Hash (PtH) and Kerberoasting. It works by leveraging Hyper-V hypervisor technology to create a separate, isolated kernel mode that hosts the Local Security Authority (LSA) process, known as LSAIso. When a user authenticates, the credentials are stored in this isolated vault rather than in the main operating system's memory. Even if an attacker gains SYSTEM-level privileges on the host OS, they cannot access the isolated memory region because the hypervisor enforces strict memory access boundaries. Credential Guard specifically protects NTLM password hashes, Kerberos Ticket Granting Tickets (TGTs), and credentials stored by applications as domain credentials. The feature requires hardware support including Intel VT-x or AMD-V virtualization extensions, Second Level Address Translation (SLAT), and Trusted Platform Module (TPM) 2.0 for optimal security posture.

Prasad Kumkar

About the author

Prasad Kumkar

CEO & MD, Inference Systems

Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.

His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.