Simplifying compliance remediation with Microsoft Intune and Defender on iOS/iPadOS
By: Harish S | Sr. Product Manager - Microsoft Defender & Rishita Sarin | Product Manager 2 - Microsoft Intune One tap to compliance: Introducing the Resolve workflow for Compliance Remediation in Microsoft Intune and Microsoft Defender on iOS. We’re thrilled to announce a major step forward in simplifying the compliance remediation experience for users and IT admins alike. As part of a collaboration between Microsoft Intune and Microsoft Defender, we’re introducing a new compliance remediation workflow, which uses a Resolve button to make it easier than ever for users to bring their mobile device back into compliance. Why this matters Traditionally, when a user’s device was marked noncompliant due to missing security apps like Microsoft Defender, they had to navigate through multiple apps, follow multi-step instructions, and often re-authenticate – often to resolve a single issue. This created friction, confusion, and delays in regaining access to corporate resources. With the new end-to-end remediation workflow triggered by the Resolve button, we’re eliminating those extra steps. What’s news Starting with the latest releases in Intune and Defender, users on iOS and iPadOS will have a Resolve button directly within Microsoft 365 productivity apps (such as Microsoft Outlook or Teams) when their device is non-compliant due to Defender-related requirements. This button: Detects the non-compliance reason. Launches or installs Microsoft Defender if it’s missing. Automatically re-evaluates compliance requirements once Defender is running. Returns the user to their app – no switching, no guesswork. This is powered by just-in-time (JIT) registration and compliance remediation which embeds the compliance flow directly into the app experience. Microsoft Defender experience: Guided, automated, and frictionless return to compliance The Resolve button is more than just a shortcut, it’s the entry point to a guided remediation workflow powered by Defender. Once launched: Defender auto-triggers a guided workflow that remediates issues with minimal or no user interaction. A checklist guides the user through necessary steps to return to compliance, ensuring clarity and confidence on common scenarios such as authentication issues, missing permissions, device registration issues, remediate active threats, and more. Upon completion, Defender updates the compliance state of the device. The user is automatically redirected back to the productivity app they started from with no manual navigation required. This seamless handoff between Intune and Defender ensures that users stay focused on their work, not on troubleshooting. Conclusion Effortless for users, efficient for admins. If you already use JIT registration and compliance remediation in Intune for enrolled iOS devices, the Resolve button is automatically enabled for supported scenarios. If not, consider setting up JIT now to experience the new compliance remediation experience, it’s simple to configure and significantly improves user experience and support efficiency. Refer to the following documentation for more information: Set up just-in-time registration Use JIT registration and JIT compliance remediation for all your iOS/iPadOS enrollments If you have any questions, leave a comment on this post or reach out on X @IntuneSuppTeam.
Windows Defender AntiVirus with Intune
Hello Windows Defender antivirus is enabled with Intune(Co-managed deployment) Antivirus policy, Our organization normally had Symantec and did not use Defender. However the below is showing in Virus and Threat Protection. Basic settings are used in the policy: Allow Archive Scanning Allowed. Scans the archive files. Allow Behavior Monitoring Allowed. Turns on real-time behavior monitoring. Allow Cloud Protection Allowed. Turns on Cloud Protection. Allow Email Scanning Not allowed. Turns off email scanning. Allow Full Scan On Mapped Network Drives Not allowed. Disables scanning on mapped network drives. Allow Full Scan Removable Drive Scanning Allowed. Scans removable drives. Allow scanning of all downloaded files and attachments Allowed. Allow Realtime Monitoring Allowed. Turns on and runs the real-time monitoring service. Allow Scanning Network Files Not allowed. Turns off scanning of network files. Allow Script Scanning Allowed. Allow User UI Access Allowed. Lets users access UI. Avg CPU Load Factor 50 Check For Signatures Before Running Scan Enabled Cloud Block Level High Cloud Extended Timeout 50 Days To Retain Cleaned Malware 0 Disable Catchup Full Scan Disabled Disable Catchup Quick Scan Disabled Enable Low CPU Priority Disabled Enable Network Protection Enabled (block mode) PUA Protection PUA Protection on. Detected items are blocked. They will show in history along with other threats. Real Time Scan Direction Monitor all files (bi-directional). Scan Parameter Quick scan Schedule Quick Scan Time 720 Schedule Scan Day Monday Signature Update Interval 4 Submit Samples Consent Send safe samples automatically.Microsoft Defender ATP onboarding support for Configuration Manager tenant attach
Microsoft is excited to announce another step in the deep integration between Microsoft Endpoint Manager and Microsoft Defender ATP. Microsoft Defender ATP onboarding capabilities are now available in the Endpoint Manager console for deployment to Configuration Manager standalone clients.
