Zero-day prevention. Is there a Windows program that encrypts files on-the-fly, keeping only the currently open file decrypted?
I'm looking for a program for Windows that can securely store my code. The program should be able to encrypt my files on-the-fly, such that only the file I'm currently using is kept decrypted (mainly the current source file(s) I'm working on in Visual Studio 2022 for confidential projects).
Once I'm done with the file, it should be encrypted again. This would ensure that even if my PC were to be compromised by some kind of exploit/RCE, my code would remain safe as all source files are dynamically encrypted.
Yes, the attacker could potentially try accessing the files the same way I do, thus decrypting them. But this wouldn't work as easily if I need to enter a password or something prior to allowing the files to be decrypted.
Ideally, I'd prefer not to use a program like VeraCrypt, which requires me to manually mount and unmount the drive (leaving all files within the drive fully decrypted upon mount). I'm looking for a solution that can automatically encrypt and decrypt files on-the-fly.
Does such a program exist? If not, what would be a good approach to achieving this?
Lastly, I'm currently using Bitdefender Total Security as my anti-malware software and Microsoft Edge with malware protection enabled. I've put a lot of trust into Bitdefender's Advanced Threat Defense module (which is supposed to detect and prevent zero days), but I want to be as safe as humanly possible. So, if anyone has recommendations for more software that could protect me against exploits/RCEs I would be greatly appreciative.
And for those that want to preach the obvious, yes, I know I'm on Windows and that I could be coding on Linux or some other OS to reduce the attack surface, but it's not ideal for me to use anything other than Windows for software development at this time unfortunately (I am currently running Atlas OS).
I also know that I am unlikely to be specifically targeted by some kind of APT or have literal million dollar RCEs wasted on me, but I am VERY paranoid as something similar happened to me in the not so distant past (TLDR; got hit with a chromium RCE allowing the attackers full access to my file system, letting them steal highly confidential files).
