When you are working on Windows 10 Modern Management it is a journey – and every month we are getting new feature.

Update Compliance has been out in preview for some time now – but it has been only se see updates on Windows 10 devices.

When doing Modern Management on Windows 10 with Intune we can do policies on how the Windows Defender is configured – but we are missing reporting on Windows Defender on less we are running Windows Defender Advanced Threat Protection.

As part of Windows Analytics – Update Compliance – Windows Defender AV Assessment just showed up.


Now we can see if any devices has signature out-of-date and Real-time protection is off.

But we also knows  when Windows Defender has remediated or it has failed – so now we can actually do something about a devices that have problems with remediation.


Important Terms
Signature out of date devices are devices with signature older than 14 days.
  • No real-time protection devices are devices who are using Windows Defender AV but have turned off Real-time protection.
  • Recently disappeared devices are devices that were previously seen by Windows Defender AV and are no longer seen in the past 7 days.
  • Remediation failed devices are devices where Windows Defender AV failed to remediate the threat. This can be due to reason like disk full, network error, operation aborted, etc. Manual intervention may be needed from IT team.
  • Not assessed devices are devices where either a third party AV solution is used or it has been more than 7 days since the device recently disappeared.


If you dont have Windows Analytics enabled – start now!!

Here is how to setup Windows Analytics – Update Compliance:

How to setup Update Compliance (Preview)