In this final video in the Windows 10 Isolated User mode series Dave takes us through several engineering aspects associated with trustlets. First he describes how lsass.exe (the Local Security Authority Subsystem Service responsible for enforcing security on Windows) now can have a companion process running in the Secure System (LsaIso.exe otherwise known as Credential Guard - tasked with protecting secrets). He then delves into more generic trustlet concerns and how the Secure Kernel in Isolated User Mode deals with these challenges.
Overall it was tremendously fascinating to learn some of the great innovations that are happening in the Windows 10 Operating System from the folks that are actually working on the code! I'm hoping to get a lot more content from this wonderful set of engineers and look forward to the great conversations we get to have.