Windows Defender Security Center offers this feature. Called Device Security, it offers status reporting and management of security features built into your devices – including toggling features on to provide enhanced protection. However, It doesn’t work on a software level; the hardware needs to support it as well. Your firmware should support Virtualization, which enables the Windows 11/10 PC to run applications in a container, so they don’t get access to other parts of the system. Your device must meet the requirements for standard hardware security This means your device should support memory integrity and core isolation and also have:

TPM 2.0 (also referred to as your security processor)Secure boot enabledDEPUEFI MAT

Enable Core Isolation & Memory Integrity in Windows 11

It is probably the easiest way to enable or disable Virtualization-based Security in Windows 11. In other words, you need to enable Core isolation to get it done. For that, do the following:

Search for windows security in the Taskbar search box.Click on the individual search result.Switch to the Device security tab.Click on the Core isolation details option.Toggle the Memory integrity button to turn it on.Restart your computer.

Enable Core Isolation & Memory Integrity in Windows 11/10

Memory integrity (hypervisor-protected code integrity) is a security feature of Core isolation that prevents attacks from inserting malicious code into high-security processes. Toggle to turn it On.

Once enabled, it will ask you to restart the PC to completely enable Memory Integrity. If later on, you face application compatibility issues, you may need to turn this off.

Enable or Disable Core Isolation and Memory Integrity using Registry

You can also use the Registry, to enable or disable Core isolation Memory integrity using Registry Editor, follow these steps: To learn more about these steps, keep reading. Precaution: Before heading to the REGEDIT steps, don’t forget to create a System Restore point. To get started, press Win+R to open the Run dialog, type regedit, and hit the Enter button. If the UAC prompt appears on your screen, click on the Yes option to open the Registry Editor. Next, navigate to the following path: Right-click on the Scenarios key > New > Key, and name it as HypervisorEnforcedCodeIntegrity.

Then, you have to create a REG_DWORD value. For that, right-click on HypervisorEnforcedCodeIntegrity > New > DWORD (32-bit) Value, and name it as Enabled.

By default, it comes with a Value data of 0, meaning it is disabled. However, if you want to enable this functionality, double-click on it to set the Value data as 1.

Click the OK button and restart your computer. That said, there are two more options that might be available depending on the hardware of your PC. Windows 11/10 also offers Hypervisor Protected Code Integrity (HVCI)  when you start with clean installs. Those who are on old hardware, will have the ability to opt-in post the upgrade using the UI in Windows Defender Security Center (WDSC). This enhancement will ensure that the kernel process that verifies code integrity runs in a secure runtime environment. Read:

Incompatible driver turns off Memory Integrity in Windows 11Virtualization-based Security not enabled in Windows 11.