Event details
Curious how to stay agile and ready for growth with a secure Zero Trust approach? From baselines and policies to device actions and compliance, our engineering teams will be ready to answer your questions and help you find the right solutions for your ecosystem. Whether you are taking your first steps toward going cloud-native or are already cloud-based, this is Ask Microsoft Anything (AMA), so post early and post often to get the advice you need to simplify, optimize, and secure.
Speakers: Laura Arrizza, Matt Call, & Per Larsen
Moderator: Mike Danoski
This event is part of Tech Community Live: Intune edition.
19 Comments
- Pearl-Angeles
Community Manager
Thanks everyone, for your participation in this AMA! Below are the questions the panelists covered during the session, as well as associated timestamps:
Question – Can you share some of the history/thought behind where endpoint security came from within Intune, and how it lives in Intune, and what some of those early thoughts and ideas—and where the inspiration came from for endpoint security? – answered at 2:28.
Question – Do we have a road map to bring Windows Server to Intune? Where are we on support for Linux endpoints with Intune Endpoint Security? – answered at 7:15. Please share your feedback on Linux at aka.ms/IntuneFeedback
Question – What are some tips, or ways you’ve seen common misconfigurations, and general learning you have to share? – answered at 12:32.
Question – The age old question: native multi-tenancy management, from a managed services provider's perspective. I think this pertains to security and zero trust due to the fact many providers solution for this is a guest admin account in the clients org with global privileges. What are some best practices around multi-tenancy—using guest accounts, how you should audit that, how you should keep track of it, etc.? – answered at 15:43.
Question – Are there audit logs for Intune management? – answered at 18:18.
Question – AVDs (IaaS VMs) + Windows 11 combinations, we are missing the patching directly from Intune in terms of Auto patch. Any plan for that? If so, it will give some sort of relaxation on the vulnerability management in terms of quality updates for a better security. – answered at 21:24.
Question – What are some of the biggest challenges you’ve seen for customers, where they’ve solved it in the past couple years? And then what are some of the biggest challenges you see coming up in the next few years, specifically pertaining to endpoint security? – answered at 22:56.
Question – Are there any plans to expand on the functionality of Endpoint Privilege Management? And are there any changes that can be done to speed up the reply from an elevation request? – answered at 27:32.
Question – Since you work so closely with the Defender team-- what is one of the highlights that came out this past year and what’s one of the new things that’s been announced that coming out in the next few months, with regards to integrations with Microsoft Defender? – answered at 30:31.
Question – Intune integrates with Defender and conditional access for risked based compliance, but how does integration handle real time enforcement across non-Windows devices? – answered at 37:48.
Question – Would it be possible to introduce dynamic Intune policies based on things such as device risk levels, locations, known application vulnerabilities etc..? – answered at 43:18.
Question – Using MAM-WE (without enrollment) with App Protection policies, is there a way to require Microsoft Defender to be not just installed but also have "Check for harmful links" enabled? – answered at 45:05.
Question – Are there any parting thoughts or things you'd like to add? – answered at 46:44.
Question – I've sent a wipe request to a device which a user took away when they left; on Intune it still hasn't done the wipe and I think it's because it's not connected to a network yet? Also, does Intune continue to send the wipe request until it's done? – answered at 51:07.
- Vibbers
Brass Contributor
Using MAM-WE (without enrollment) with App Protection policies, is there a way to require Microsoft Defender to be not just installed but also have "Check for harmful links" enabled?
- MZONDERLAND
Brass Contributor
I have a question about the Security Baselines.
When new security baselines are available for on-premises environments (ADMX), it takes a long time before the new security baselines are available in Intune, like Edge or Windows 25H2 baseline.
Is it possible to make this available faster when released?
- DIMIMARCELLO
Occasional Reader
Would it be possible to introduce dynamic Intune policies based on things such as device risk levels, locations, known application vulnerabilities etc..?
- Pearl-Angeles
Community Manager
Thanks for participating in this AMA. The panelists addressed your question at 43:18 during the session.
- Stephen_Fisher
Occasional Reader
Some great things coming out of the Endpoint Blade, Kudos...
- Pearl-Angeles
Community Manager
Thanks for your feedback!
- Nalms87
Copper Contributor
Are there any plans to expand on the functionality of Endpoint Privilege Management?
And are there any changes that can be done to speed up the reply from an elevation request? (The request from a client shows up in Intune fast, but from approval in Intune until it can be used on the client is slow.)
- Pearl-Angeles
Community Manager
Thanks for your questions! The AMA panelists covered them at around 27:32 during the session.
- jonathan_neu
Copper Contributor
Is EPM coming to macOS too?
- jonathan_neu
Copper Contributor
Include Defender compliance settings for macOS devices like "isUpToDate" and "DefenderRunning".
- DIMIMARCELLO
Occasional Reader
Are there audit logs related to Intune management? (Example: trace who deleted a device in Intune.)
- Pearl-Angeles
Community Manager
Thanks for your question! The panelists covered this topic at 18:18 during the AMA.
- SkipToTheEndpoint
Brass Contributor
Yes, Tenant Administration > Audit Logs.
I'd also recommend setting up diagnostic settings to ship them out to Log Analytics so you can get more than 30 days of retention.
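To illustrate the recommendation above, here is an added Log Analytics query (not from the thread or any Microsoft documentation) that answers the original question of who deleted a device once Intune audit logs are routed to a workspace. It assumes the IntuneAuditLogs table and its Properties JSON layout; the exact OperationName string for a device deletion is not known from this page, so the filter matches loosely and should be tightened after inspecting distinct OperationName values in your own workspace.

```kql
// Added example, not the thread's own content: find device-deletion events in
// Intune audit logs shipped to Log Analytics via diagnostic settings.
// Assumptions: table IntuneAuditLogs; Properties is a JSON string with an
// Actor object (UPN) and a Targets array (Name). Adjust if your schema differs.
IntuneAuditLogs
| where TimeGenerated > ago(90d)            // longer than the 30-day portal view
| where OperationName has "delete"          // assumed: loose match, tighten locally
| extend Props = parse_json(Properties)
| extend Actor  = tostring(Props.Actor.UPN),          // assumed JSON path
         Target = tostring(Props.Targets[0].Name)     // assumed JSON path
| project TimeGenerated, Identity, OperationName, Actor, Target, ResultType
| order by TimeGenerated desc
```

Run `IntuneAuditLogs | distinct OperationName` first to confirm the operation names present in your tenant before relying on the loose "delete" filter.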
- VaishnavK1993
Brass Contributor
Include KB Numbers in Intune Expedite Policy Update Dropdown
Currently, it's difficult to identify and differentiate between Out-of-Band (OOB) updates when using the Expedite installation of quality updates feature in Intune.
For example, two OOB updates were recently released: one addressing issues related to the Windows 10 BitLocker recovery screen and the other addressing a Windows 11 issue. However, when reviewing the available updates in the expedite policy dropdown, it becomes challenging for admins to determine which specific patch to deploy, especially when relying only on the OS version listed.
To improve clarity and avoid confusion, I recommend displaying the corresponding KB numbers alongside each update in the dropdown menu. This would make it significantly easier for admins to identify and select the appropriate updates for deployment.
- Chris_Tulip
Microsoft
Hello!
We've heard this feedback before and are aware of the desire for better visibility into CVEs, KBs, and which build numbers are affected. I agree with the spirit of what you're saying, but the list of CVEs addressed with each B release is... long. Because of that, adding them into the expedite policy isn't particularly practical.
That said, Autopatch is working on stuff in this space, so stay tuned!
- Heather_Poulsen
Community Manager
Welcome to Tech Community Live and today's AMA on security policy and endpoint management with Microsoft Intune! Post your questions here in the comments anytime.