@JKFrancis
Apologies for the delay in responding to your query. Do you see this alert for all the machines where defender is installed ?
Following are the settings checked when Azure security advisor reports this alert.
Defender for Cloud recommends Endpoint protection should be installed on your machines when Get-MpComputerStatus runs and the result is AMServiceEnabled: False
Defender for Cloud recommends Endpoint protection health issues should be resolved on your machines when Get-MpComputerStatus runs and any of the following occurs:
Any of the following properties are false:
AMServiceEnabled
AntispywareEnabled
RealTimeProtectionEnabled
BehaviorMonitorEnabled
IoavProtectionEnabled
OnAccessProtectionEnabled
If one or both of the following properties are 7 or more:
AntispywareSignatureAge
AntivirusSignatureAge
Reference: https://learn.microsoft.com/en-us/azure/defender-for-cloud/endpoint-protection-recommendations-technical?wt.mc_id=defenderforcloud_inproduct_portal_recoremediation&WT.mc_id=Portal-Microsoft_Azure_Security
Deployment Guide for Microsoft Defender for Endpoint - https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/deployment-strategy?view=o365-worldwide
If you have any other questions, please let me know.
Thank you for your time and patience throughout this issue.
----------
Please remember to "Accept Answer" if my answer helped, so that others in the community facing similar issues can easily find the solution.