Support Tip: Updates to Microsoft Defender ATP baseline

This post has been republished via RSS; it originally appeared at: Intune Customer Success articles.

For customers who are taking advantage of Microsoft Endpoint Manager’s Security Baselines for Microsoft Defender ATP, you might notice a banner in the UI of the Device Management admin console indicating a new baseline version has been released with this iteration.

 

MDATP baselines.jpg


Existing profiles will continue to work as expected – no action is needed.

To make any changes/customizations to settings within a profile that has an updated baseline available, Microsoft requires you update that profile to a supported version of a baseline and make your changes.

 

You can select the two versions of the baseline and then choose ‘Compare baselines’ to download a CSV file that details those differences. There are changes in these areas:

  • BitLocker,
  • Windows Hello for Business,
  • Exploit Protection,
  • Folder protection,
  • Credential guard,
  • SmartScreen,
  • and Application Guard


When you are ready, the update process can be started by selecting ‘Profiles’ under the Microsoft Defender ATP baseline, select ‘Change Version’. To learn more, see “Change the baseline version for a profile“.

 

Leave a Reply

Your email address will not be published. Required fields are marked *

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.