Table of Contents
Introduction #
This policy checks for the following requirements of Windows 10 and later devices to ensure the Device is healthy and has the following baseline protections enabled:
This Compliance policy is only to be used if you are using Microsoft Defender for Endpoint and have integration setup to Microsoft Endpoint Manager
Policy Settings #
System Security
Microsoft Defender Antimalware | Require |
Microsoft Defender Antimalware security intelligence up-to-date | Require |
Real-time protection | Require |
Microsoft Defender for Endpoint
Require the device to be at or under the machine risk score: | Clear |
Actions for Non-Compliance #
Mark device noncompliant | immediately |
Assignments #
Users, Groups and Devices
Includes | – All Users |