Microsoft Defender For Endpoint Lic MS Intune is required to use the Attack surface reduction feature ?

TECHIT SRIWICHAI 160 Reputation points
2023-03-19T13:02:41.94+00:00

My company is using Join ADDS On-Prime not using Azure AD Join but I want to adjust Config Attack surface reduction but I don't have Lic Intune what should I do please guide me

Microsoft Deployment Toolkit
Microsoft Deployment Toolkit
A collection of Microsoft tools and documentation for automating desktop and server deployment. Previously known as Microsoft Solution Accelerator for Business Desktop Deployment (BDD).
826 questions
Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,191 questions
Microsoft Intune Security
Microsoft Intune Security
Microsoft Intune: A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
330 questions
0 comments
Accepted answer
  1. Andrew Blumhardt 9,491 Reputation points Microsoft Employee
    2023-03-20T01:35:26.11+00:00

    I think it may be possible to configure ASR rules using GPO without Intune. Though it can be difficult to manage without data collection. Usually you would audit and review the results to create exceptions before blocking. Intune and MDE help to gather and manage these better.

    https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/enable-attack-surface-reduction

    1 person found this answer helpful.

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest