InTune (Microsoft): Anti-malware check

Anti-malware Check

Here are step by step instructions for Intune (Mac and PC) for Anti-malware enforcement for user endpoints. After confirming you are set up correctly, an integration sync is required (or wait until the nightly sync)


  1. Go to
  2. Click on "Devices" from left sidebar menu.
  3. On "Devices" page menu, Scroll down the inner sidebar to "Policy" section and click on "Configuration Profiles".
  4. Click "Create Profile".
  5. In "Platform dropdown", select "Windows 10 and later" option.
  6. In "Profile type" select "Templates" option.
  7. Select "Device Restrictions" from Template names section and click create button.
  8. Name your policy as "Windows Native Antivirus Enabled", provide any description(optional) and click "Next".
  9. In "Configuration Settings" tab, Scrolldown to "Microsoft Defender Antivirus" and expand it. Set the value for following checkboxes as below:
    • Real-time monitoring =>  Enable
    • Behavior monitoring => Enable
    • Scan all downloads => Enable
    • Monitor file and program activity =>  Monitor all files
  10. Click "Next"
  11. In "Assignments" tab, In "Included groups" section, click "Add all devices", and click "Next".
  12. Skip the "Applicability Rules" and click "Create" button


  1. Install Gatekeeper or Xprotect on your machine


This test does not apply to Linux devices.

Was this article helpful?

Have more questions? Submit a request



Article is closed for comments.