The purpose of this blog post is to inform you how to configure Attack Surface Reduction (ASR) via Endpoint Security Profiles with Microsoft Intune

The purpose of this blog post is to inform you how to manage the File Type Associations for multiple entities or departments via a Microsoft List and make it easier to maintain the File Type Associations.

The purpose of this blog post is to inform you how to manage the file type associations via a Microsoft List and make it easier to manage the file type associations.

The purpose of this blog post is to inform you how to manage the File Type Associations for Windows 10 and 11 via Microsoft Intune

The purpose of this blog post is to inform you how to configure Microsoft defender for Endpoint so that Microsoft Defender SmartScreen can be used.

This knowledgebase item to help you out with the reboot and logon twice issue during autopilot ESP

The purpose of this blog post is to inform you how to whitelist a URL/Domain in Microsoft Defender SmartScreen for a device that is managed by Microsoft Intune and devices that are onboarded to Defender for Endpoint.

The purpose of this blog post is to inform you how to configure Microsoft Defender SmartScreen in Windows, Edge, and Google Chrome via Microsoft Intune.

The purpose of this blog post is to inform you how to enforce Multi-Factor Authentication (MFA) via an external device during Windows logon and UAC prompts. A 3rd party tool Duo Security makes this possible.

The purpose of this blog post is to inform you how to enforce a BitLocker startup Pin for standard users. I was inspired by the solution of Oliver Kieselbach, but his solution was user-driven and not enforced so I decided to change some settings, make a proactive remediation script, and create a custom Compliance check to enforce the BitLocker startup pin.