Blog Post

Intune Customer Success
1 MIN READ

Support Tip: Updates to Microsoft Defender ATP baseline

Intune_Support_Team's avatar
Mar 30, 2020

For customers who are taking advantage of Microsoft Endpoint Manager’s Security Baselines for Microsoft Defender ATP, you might notice a banner in the UI of the Device Management admin console indicating a new baseline version has been released with this iteration.

 


Existing profiles will continue to work as expected – no action is needed.

To make any changes/customizations to settings within a profile that has an updated baseline available, Microsoft requires you update that profile to a supported version of a baseline and make your changes.

 

You can select the two versions of the baseline and then choose ‘Compare baselines’ to download a CSV file that details those differences. There are changes in these areas:

  • BitLocker,
  • Windows Hello for Business,
  • Exploit Protection,
  • Folder protection,
  • Credential guard,
  • SmartScreen,
  • and Application Guard


When you are ready, the update process can be started by selecting ‘Profiles’ under the Microsoft Defender ATP baseline, select ‘Change Version’. To learn more, see “Change the baseline version for a profile“.

 

Updated Dec 19, 2023
Version 3.0
  • AdrianBishop's avatar
    AdrianBishop
    Brass Contributor

    I think at the moment the whole endpoint security is a bit of a mess

    there are the same settings in device configuration, you have ATP profiles, security baseline profiles, now i see another split out of items

     

    Can we have some consistent approach to defining device configurations please

     

    I even tried the new bitlocker policy and it spat errors (admit is still preview)