Figure 1 Windows 10 compliance policy in Intune
Figure 2 Machine-risk based conditional access compliance check on endpoint
Furthermore, if any other machines were exploited in this attack through the remote shell, Windows Defender ATP detects these as ‘High Risk’ as well, and these machines are also marked non-compliant by Microsoft Intune and blocked from accessing corporate resources. During the investigation and remediation, conditional access keeps corporate data in OneDrive for Business, SharePoint, and other cloud apps safe until the device is clean and risk removed. Conditional access has helped many of our customers dramatically improve their protection by assessing the risk of each request for access to a system, an application, or data, in real time. Integrating Windows Defender ATP with conditional access provides even more reason to choose Microsoft 365 to protect your critical business data. Learn more about the new capabilities with Windows Defender ATP and conditional access.You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.