Microsoft Defender Vulnerability Management - Intune Managed Devices

Hello guys gals (and other),

Can anyone explain this statement to me, in the cloud first world why are only GPOs supported? We have a large number of devices with policy fully managed by intune and would like to review the CIS baselines for these devices. Any ideas how this can be done?

'The benchmarks currently only support Group Policy Object (GPO) configurations and not Microsoft Configuration Manager (Intune).'