Skip to main content
MEM v ENNBEE - Battles with Modern Endpoint Management

Endpoint Security

Converting AppLocker Policies to Intune Profiles
Intune Windows 10 and later AppLocker Security PowerShell Custom Profiles Graph API Endpoint Security
We know that there is no native configuration for AppLocker in Intune, and we should be looking at App Control for Business already, but there is still a place for AppLocker, and I haven’t got time to manually do anything, so let’s use PowerShell to create out AppLocker policies from exported XML files.
Scheduling Defender for macOS Antivirus Scans in Intune
Intune macOS Configuration Custom Profiles PowerShell Security Jamf Endpoint Security Microsoft Defender
You’d think creating Defender antivirus scan schedules should be pretty easy, even if the devices you’re working with are running macOS. Why are we having to create mobileconfig files for this in Microsoft Intune? Surely we can make this a little better?
Microsoft Intune and the Curious Case of the Converting Firewall Rule Policy
Intune Windows 10 and later Settings Catalog Security Firewall Endpoint Security PowerShell
When did Microsoft go all covert ops (maybe don’t answer that question) and start making changes to your very own Firewall Rule policies in Microsoft Intune without letting anyone know? Or did they?
Patching Gaps in the CIS Windows 11 Benchmark - Level 1 Windows 11
Intune Windows 10 and later Security Center for Internet Security (CIS) Endpoint Security Remediation Scripts PowerShell Settings Catalog Custom Profiles
The impact of the CIS settings on BitLocker and Windows Autopilot now done and dusted, we should broaden our horizons and start to look at what other problems the CIS level 1 benchmark brings to Windows 11 as a whole. Are there any? Will it be smooth sailing? Yeah, no.
Patching Gaps in the CIS Windows 11 Benchmark - BitLocker
Intune Windows 10 and later Security Center for Internet Security (CIS) Custom Profiles BitLocker Direct Memory Access Settings Catalog Endpoint Security
Everyone loves a security benchmark, and with the imminent move to Windows 11 for everyone, the Center for Internet Security released version 3.0.1 of theirs, including a build kit for Microsoft Intune, but what does this build kit break for BitLocker encryption?
Creating Reusable Groups of Firewall Settings for Microsoft Online Services
Intune Windows 10 and later Security PowerShell Graph API Settings Catalog Firewall Automation Endpoint Security
It’s time to remove another manual process, this time the creation of Microsoft 365 network endpoints for Windows Firewall Rules in Microsoft Intune, because nobody should be creating these manually.
Automatically Resizing the WinRE Partition for Windows Update KB5034441
Intune Windows 10 and later Software Updates PowerShell Remediation Scripts BitLocker Endpoint Security Security
When Microsoft releases an update that won’t install due to the size of a Recovery partition, what do you do? Follow the manual steps provided by Microsoft or blindly follow a script created by a stranger on the internet?
Modernising Microsoft Intune Firewall Rule Policies
Intune Windows 10 and later PowerShell Graph API Settings Catalog Security Firewall Automation Endpoint Security
If you’ve ever experienced the joys of migrating Group Policy and in particular Windows Defender Firewall rules away from Group Policy to Microsoft Intune, you’ve probably encountered the Rule Migration Tool, and for now this tool has worked well. So what’s the catch?
Revisiting macOS National Cyber Security Centre Security Settings
Intune macOS Security National Cyber Security Centre (NCSC) Configuration Endpoint Security Custom Profiles
With the improved support for macOS devices in Microsoft Intune, it’s time we revisited how to secure macOS devices aligned the National Cyber Security Centre guidance.