Thanks everyone, for your participation in this AMA! Below are the questions the panelists covered during the session, as well as associated timestamps: 

Question – Can you share some of the history/thought behind where endpoint security came from within Intune, and how it lives in Intune, and what some of those early thoughts and ideas—and where the inspiration came from for endpoint security?  – answered at 2:28.

Question – Do we have a road map to bring Windows Server to Intune? Where we are on the Linux Endpoints in support with Intune Endpoint Security?  – answered at 7:15.

• Please share your feedback on Linux at aka.ms/IntuneFeedback

Question – What are some tips, or ways you’ve seen common misconfigurations, and general learning you have to share? – answered at 12:32.

Question – The age old question: native multi-tenancy management, from a managed services provider's perspective. I think this pertains to security and zero trust due to the fact many providers solution for this is a guest admin account in the clients org with global privileges. What are some best practices around multi-tenancy—using guest accounts, how you should audit that, how you should keep track of it, etc.? – answered at 15:43.

Question – Are there audit logs for Intune management? – answered at 18:18.

Question – AVDs (IaaS VMs) + Windows 11 combinations, we are missing the patching directly from Intune in terms of Auto patch. Any plan for that? If so, it will give some sort of relaxation on the vulnerability management in terms of quality updates for a better security. – answered at 21:24.

Question – What are some of the biggest challenges you’ve seen for customers, where they’ve solved it in the past couple years? And then what are some of the biggest challenges you see coming up in the next few years, specifically pertaining to endpoint security? – answered at 22:56.

Question – Is there any plans to expand on the functionality of Endpoint Privilege Management? And is there any changes that can be done that can speed up the reply from an elevation requests?– answered at 27:32.

Question – Since you work so closely with the Defender team-- what is one of the highlights that came out this past year and what’s one of the new things that’s been announced that coming out in the next few months, with regards to integrations with Microsoft Defender? – answered at 30:31.

Question – Intune integrates with Defender and conditional access for risked based compliance, but how does integration handle real time enforcement across non-Windows devices?  – answered at 37:48.

Question – Would it be possible to introduce dynamic Intune policies based on things such as device risk levels, locations, known application vulnerabilities etc..? – answered at 43:18.

Question – Using MAM-WE (without enrollment) with App Protection policies, is there a way to require Microsoft Defender to be not just installed but also have "Check for harmful links" enabled? – answered at 45:05.  

Question – Are there any parting thoughts or things you'd like to add? – answered at 46:44. 

Question – I've sent a wipe request to a device which a user took away when they left, on Intune it still hasn’t done the wipe and I think it’s because it’s not connected to a network yet? Also does Intune continue to send the wipe request until its done? – answered at 51:07.