New and Updated Microsoft Intune Device Control Policy Settings

New day new blog post. This is more of an updated guide to what I've written some time ago (check below) https://shehanperera.com/2022/08/06/mem-device-control-1/ What I Will Be Covering? 👇🏽 What's New?🌟 Apply layered order of evaluation for Allow and Prevent device installation policies across all device match criteria🌟 Removable Storage Access🌟 Defender Scanning (this setting can … Continue reading New and Updated Microsoft Intune Device Control Policy Settings

The Calm After the Storm. Microsoft Ignite 2022 All Endpoint Management and Identity and Access Announcements

Microsoft Ignite 2022 just finished and it was a blast! So many new product updates and announcements. It was truly exciting to see all the Ignite related news. Because obviously it was a lot and probably the LinkedIn feeds are flooded with the updates and reposts and what not, I thought to give it a … Continue reading The Calm After the Storm. Microsoft Ignite 2022 All Endpoint Management and Identity and Access Announcements

Configure “Enhanced Phishing Protection in Microsoft Defender SmartScreen” in Windows 11 22H2 via Endpoint Manager

Windows 11 22H2 update brought a lot of good stuff and as a tech enthusiast I really appreciate what Microsoft is doing to ensure the end user devices are protected. Enhanced Phishing Protection in Microsoft defender SmartScreen is one of them. While the features are available to the standard Windows Home user, I tested these … Continue reading Configure “Enhanced Phishing Protection in Microsoft Defender SmartScreen” in Windows 11 22H2 via Endpoint Manager

Device Hardening with Endpoint Manager Security Baseline for Windows Policy

The word on the street is not "If I get hacked" but "when I will get hacked" and securing your infrastructure starts from your end users and devices and hardening those devices that the users use every day have never been so important. Security Baseline policy for Windows 10 and later. This is one of … Continue reading Device Hardening with Endpoint Manager Security Baseline for Windows Policy

How to Use Endpoint Manager Import ADMX Function to Map Shared Drives

Earlier this year I wrote the same but more of a manual method to map drives using Endpoint Manager OMA-URI function and by ingesting the ADMX files in raw form to configure the drives. https://shehanperera.com/2022/04/01/network_shares_with_mem/ After Microsoft announced the Preview of the Import ADMX function, I was thrilled as I wanted to test out a … Continue reading How to Use Endpoint Manager Import ADMX Function to Map Shared Drives

Use Conditional Access Policies to Securely Register Security Information for MFA and SSPR

Hello there! This week I thought I will write one more article on Conditional Access Policies. As you know setting up an access policy is easy and it is basically mandatory to have one or more polices now, but you may have internal polices where anyone who is registering for MFA must do that in … Continue reading Use Conditional Access Policies to Securely Register Security Information for MFA and SSPR

How to Migrate Group Policies to Microsoft Endpoint Manager using Group Policy Analytics

Hello again. Today I'm writing about the MEM Group Policy Analytics feature which is still in preview, and how you can inspect your local GPOs and migrate them to MEM. Why you ask? Organizations whether the are big or small, if they are managed by Active Directory domain service, chances are there are Group Policies … Continue reading How to Migrate Group Policies to Microsoft Endpoint Manager using Group Policy Analytics

How to Use KQL and Azure Log Analytics to Inspect Azure AD Sign-in Logs?

As you may already know KQL has become the standard for querying large data sets in Azure Log Analytics space. When you have thousands of users who are in Azure AD and when you have MFA and other Conditional Access Policies setup, next thing you will see is tons of sign in logs, activity logs, … Continue reading How to Use KQL and Azure Log Analytics to Inspect Azure AD Sign-in Logs?

How to configure Remote Help using Microsoft Endpoint Manager

I think it's too soon to compare Remote Help with a tool like TeamViewer because Remote Help feature with Microsoft Endpoint Manager just went on GA this week. I was looking at this option for quite a while and finally got time to test and write about it. Remote Help app and Quick Assist appRemote … Continue reading How to configure Remote Help using Microsoft Endpoint Manager

How To Create and Usages of Microsoft Endpoint Manager (MEM) Device Filters

MEM device filters finally came out of preview to General Availability (GA) and lets see why we need to use device filters. What Device Filters Does? This helps the Endpoint Manager policies to apply in a more targeted manner. This feature is similar to the setting up targeted GPO assignments or probably GPO loopback processing. … Continue reading How To Create and Usages of Microsoft Endpoint Manager (MEM) Device Filters

How To Set Defender For Endpoint To Work In Parallel When Defender Is Not The Primary A/V In The Workstation/ Server

EDR in Block Mode EDR stands for Endpoint Detection and Response. MDE has the capability to work in parallel to the 3rd party A/V running in the device. While this will not provide 100% of the tasks done by an A/V which includes real-time protection, it will help to report malicious activities.Because there is a … Continue reading How To Set Defender For Endpoint To Work In Parallel When Defender Is Not The Primary A/V In The Workstation/ Server

I’ve completed the MDE Ninja Training and it was great! (my thoughts and experience)

It took me sometime, but finally completed the MDE Ninja training. I got to know about this course from a local user group meetup and it hit me. This certificate is not a standard Microsoft certificate, but I would say more of an achievement celebration from Microsoft for the effort we put to learn the … Continue reading I’ve completed the MDE Ninja Training and it was great! (my thoughts and experience)