Hi Team,

We have recently migrated from TrendMicro to MSDATP ( Cloud) along with Defender as AV . We have deployed Exploit Guard policy on all WKs  through SCCM CB however when i checked Attack Surface detection rule -  shows Rule is turned off on  few machines . Any idea how to fix it and  Also please let me know which of ASR rules should be enabled in Audit mode for pilot phase .