Enable tamper protection remotely without using Intune

Matthew Robles 0 Reputation points
2024-01-11T21:50:51.17+00:00

I have asked this question in the general forums but have not received a sufficient response to my question. I work for an MSP; we manage thousands of machines and utilize Labtech as our endpoint manager.

Is there a way to enable tamper protection for a machine/bulk machines without using Intune or the Defender UI? It really does not make sense that I can just flip a switch in the Defender UI and it's all set, but I cannot invoke commands via PowerShell or make changes to the registry remotely to accomplish this task.

Any and all help would be appreciated. Thank you.

Windows 10 Security
Windows 10 Security
Windows 10: A Microsoft operating system that runs on personal computers and tablets.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
3,000 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Ian Xue 39,286 Reputation points Microsoft Vendor
    2024-01-15T05:01:56.4466667+00:00

    Hi Matthew Robles,

    Thanks for the post. Despite of the Microsoft Intune, you can also try to use Configuration Manager or Configuration Manager with tenant attach.

    Method 1, protect Microsoft Defender Antivirus exclusions from tampering if you're using Intune only or Configuration Manager only. See Tamper protection for antivirus exclusions.

    Method 2, turn tamper protection on (or off), tenant wide, or apply tamper protection to some users/devices. You can exclude certain devices from tamper protection. See Manage tamper protection for your organization using tenant attach with Configuration Manager, version 2006.

    Here are all the available methods provided by Microsoft, just for your reference. https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/prevent-changes-to-security-settings-with-tamper-protection?view=o365-worldwide#how-do-i-configure-or-manage-tamper-protection

    Best Regards,

    Ian Xue


    If the Answer is helpful, please click "Accept Answer" and upvote it.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.