Defender

A tool to assess and automate configuration in the Defender portal

Improve Defender performance by performing one full scan

Automate analysis of MDE Client Analyzer output for common issues

Note This article was last updated on 01/30/2025 for readability and updated URLs. I am working on updating this for the UI changes that have been made to Intune :)

Note This article was last updated on 01/27/2025 for readability and updated URLs, but content review is in process. New guidance is to enable the credential theft rule out of the box, and there are new rules to put in audit mode and add to the queries.

Note This article was last updated on 01/26/2025 for readability and updated URLs. Unfortunately, images were not able to be restored from a previous hosting provider :(

Note This article was last updated on 01/26/2025 for readability and new images due to UI changes made in Intune. I tried to keep the original style and flow, and the original post content can be found in the Twitter link at the end. A new article will revisit this and add new capabilities.