Intune / SCCM – You can now apply Microsoft Defender policy using Intune/Endpoint Configuration Manager on devices managed by SCCM

As you know, SCCM and Intune/Endpoint Configuration Manager are becoming more and more closely integrated.

Well, now you can define and apply Microsoft Defender policy from Endpoint Configuration Manager on devices managed by SCCM.

To be able to do it, you need to use the latest version of SCCM Current Branch 2002 with the KB4563473 hotfix or later and have your tenant attached (aka the co-management feature set up, even if you don’t really use the co-management capabilities).


Then you need to enable the Upload to Microsoft Endpoint Manager admin center option available under the Configure upload tab.


Then you need to go back to the Assets and Compliance workspace to enable Device collection(s) synchronization to the Endpoint Manager portal, using the Make this collection available to assign Endpoint security policies from Microsoft Endpoint Manager admin center option available under the Cloud Sync tab.


Now you can connect to your Endpoint Configuration Manager portal to create a Windows 10 and Windows Server (ConfigMgr) profile for Microsoft Defender Antivirus from the Endpoint Security\Antivirus blade and configure the options to manage Microsoft Defender.


Then the assignment will use SCCM Device Collections, which need to have been synchronized.

Benoit Hamet
Benoit is working on Microsoft collaborative technologies. He has been awarded as MVP for more than 12 years. Currently MVP on Office 365 after being awarded on SharePoint (2011-2012) and Windows client & server (2002-2007). Speaker at various Microsoft events (TechDays, TechNet seminars) and Quest Software. He works on on-premises (Active Directory, RADIUS/NPS, Exchange, Skype for Business, SharePoint, SQL, Terminal Server, Windows client and Windows Server) or online (Azure, Intune, Office 365, Exchange Online, SharePoint Online, Skype for Business Online, Teams) technologies.