Forum Discussion
MDE Vulnerability Management - Baseline Assessment
hi,
my config: W11, trial M365 E5, MDE onboarded, trail paid add-on for Vulnerability Management assigned to the test user who logs on to my W11 test machine.
On this webpage
we can see NOTE:
The benchmarks currently only support Group Policy Object (GPO) configurations and not Microsoft Configuration Manager (Intune).
Does anybody have any idea what on earth does that mean?
What GPO? What does MDVM has to do with GPO, especially if I am AADJoined.
Does that mean the paid feature for Vulnerability Management does not work on AADJ machines?
My AADJ W11 device is in the scope, the CIS assessment seems to apply to it but all settings show failed - seems like it did not manage to actually check anything.
How do I run CIS assessment on AADJ machines from MDE?
thanks!
- AragornIron ContributorIt means it can only detect GPO applied policies at the moment. So any policies that are applied through the CSP scope are not detected.