the endpoint protection should have a new malware policy that will allow a central management of the windows defender security center - ransomware protection - allow an app through controlled folder access, allowing the IT admin to add/remove controlled folder access (and maybe give the user access to add extra files whenever required, but allow the IT admin to decide)

at the moment all the AV messages are in ConfigMgr, but if there is an outbreak there is only one way, via mail about alerting in CM, or we can configure StatusMessage rules to start something. Can we have a option to grab that infos to a SIEM like sentinel to get faster response about an outbreak? We need also reporting (very slow) and other mechanism in ConfigMgr that are very slow, but alerts in this case should be faster, like CM-Pivot automation to send some info's directly to a SIEM system, to get more possibility's.

Please provide the applicable windows defender application guard , etc policies in the sccm client properties like you already do for baselines . This makes it much easier for troubleshooting .

Ask change the requirements of Endpoit Protection Point. When we are installing Endpoit Protection Point the Windows Defener service should be started on the server. Because we are using a third-party anti-virus software, even if Windows Defener does not operate as an anti-virus software, we do not want to be configured to coexist multiple anti-virus.

If you're using the SCEP Client on a RDS Server and Malware has been found, every User on this Server gets a Notification from SCEP.

This really confuses many users and increases Service-Desk Calls, if you have Servers with for example more then 20 User Sessions.

Because of this, we currently have no other choice then to hide the User Interface.

It would be great if the Notification are only shown in the Session of the User, which triggered the Alert.

SCEP Marketing and Comparisons to Competition. For years I've been trying to get my account team to help us sell our security teams on the idea of switching to SCEP. To do that, we need material to help us market SCEP as a viable solution. We need to be able to compare features from our current vendor to SCEP. We need an objective look at what we gain versus what we give up if we move from our current solution. Unfortunately, it doesn't seem any of this exists.

Wildcards can not be used when configuring Excluded Processes in Exclusion Settings in the anti-malware policy.
Since it is judged as an invalid character string, please add a function so that it can be used.

With Windows Defender alone, you can use wildcards for process exclusion.

Use wildcards in the process exclusion list
https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-antivirus/configure-process-opened-file-exclusions-windows-defender-antivirus#use-wildcards-in-the-process-exclusion-list

Although AM Policies are deployed to Collections just like Custom Client Settings, there isn't a tab to show you deployed AM Policies on collection console views.

Bonus points: Look at Device view and Collection view tabs, and make the names congruent ("Custom Client Settings" vs. "Client Settings")

Super Bonus Points: Resultant Set of Antimalware Polies view which has been suggested elsewhere for a long time (https://configurationmanager.uservoice.com/forums/300492-ideas/suggestions/10237263-add-a-view-for-resultant-set-of-policy-for-anti-ma
and
https://configurationmanager.uservoice.com/forums/300492-ideas/suggestions/8398638-policy-resultant-for-scep-policy-like-clients-sett)

Super Extra Bonus Points: Resultant Set of Client Settings and Resultant Set of Antimalware Policies should clearly show what pages were set by what policy. (https://configurationmanager.uservoice.com/forums/300492-ideas/suggestions/14855388-resultant-set-of-client-settings-should-show-what)

Thanks!

If a directory has an apostrophe in it (for example, C:\Program Files\Malwarebytes' Anti-Malware"), it is not possible to add an exclusion of the directory or a file in the directory as an error dialog states "The path contains one or more of the invalid characters." As it is possible to create a directory with an apostrophe in it, it should be possible to add the directory to the exclusion settings for SCEP.