Microsoft Defender and antimalware
Most endpoints should also have an antimalware/antivirus solution installed and activated. In this chapter, we will focus on how to use Microsoft Defender Antivirus, but there are other good options available too. I recommend looking at the current list of vendors reviewed in the latest tests from AV-Comparatives, as detailed at https://www.av-comparatives.org/tests/business-security-test-2021-august-november/, which can give some indication of what the best options now are.
When it comes to the configuration and management of Microsoft Defender Antivirus, this is also done via Group Policy or using Microsoft Endpoint Manager similar to what we did when configuring ASR rules.
While there are a lot of settings we can configure, I recommend using much of the same blueprint, as detailed at https://desktop.gov.au/blueprint/abac/intune-configuration.html#antivirus, by the Australian Government, Digital Transformation Agency.
The most important...
