157: Deploy MDM based policies for EDR/AV
Overview
Endpoint Detection and Response (EDR) policies configure Microsoft Defender for Endpoint settings on devices. These policies include onboarding devices to ensure they are monitored and protected, advanced threat detection for real-time monitoring and alerting, and response tools for actions like isolating compromised devices, running antivirus scans, and collecting investigation packages.
Antivirus policies in Intune manage Microsoft Defender for Endpoint antivirus settings. They enable or disable real-time protection, configure scheduled scans, define exclusions for files, folders, and processes, and enable cloud-delivered protection for faster threat detection. These policies ensure continuous monitoring and protection against threats.