(62) Intune - Proactive Remediations - Microsoft Defender

Microsoft Defender is heavily used and an important Antivirus tool, the info is delivered to Defender for Endpoint as a sensor

This is a list of Proactive Remediaton Scripts handy to run daily or weekly in Microsoft Intune.

1. Enable Real Time Behavior Monitoring

2. Enable Network Protection

3. Enable Real Time Protection

4. Enable PUA Protection(Potentially Unwanted Applications)

5. Enable Cloud Delivered Protection

The list of scripts can be found here: https://github.com/mrbernardmah/intune-proactive-remediations-security

All scripts to be setup with:

Run this script using the logged-on credentials: No

Enforce script signature check: No

Run script in 64-bit PowerShell: Yes

Instructions:

1. By navigating to https://endpoint.microsoft.com/ then select Reports.

2. Under Reports, select Endpoint Analytics

3. Then select Proactive remediations then select + Create script package.

4. Enter the following:

Name: Enable Network Protection

Description: Optional

Publisher: Dependent on who is logged into Intune

Version: 1

Then select Next.

5. Then under Detection Script file and Remediation script file, upload the PowerShell scripts.

6. Select Next then Next and deploy your assignments where you to get schedule once, daily or weekly.