COMP-DV05: Windows 10 and later Microsoft Defender for Endpoint Enabled and Clear of Risks


This policy checks for the following requirements of Windows 10 and later devices to ensure the Device is healthy and has the following baseline protections enabled:

This Compliance policy is only to be used if you are using Microsoft Defender for Endpoint and have integration setup to Microsoft Endpoint Manager

Policy Settings

System Security

Microsoft Defender AntimalwareRequire
Microsoft Defender Antimalware security intelligence up-to-dateRequire
Real-time protectionRequire

Microsoft Defender for Endpoint

Require the device to be at or under the machine risk score:Clear

Actions for Non-Compliance

Mark device noncompliantimmediately


Users, Groups and Devices

Includes– All Users

Get Started!

The first three tenants are free! No credit card required.

Sign Up