Automation

Shadow IT is the natural enemy of a clean software inventory. In my environment, users with legacy local admin rights used to install whatever they wanted—unapproved browsers, outdated image editors, and “handy” utilities. These apps quickly became an IT headache, especially when Microsoft Defender for Endpoint flagged them as End-of-Life (EOL) or End-of-Support (EOS). Instead of playing whack-a-mole with individual apps in the portal, I developed a workflow that starts with a deep hunt in Defender and ends with an automated “kill” via Intune. ...

How I clean up unauthorized Firefox installations across my organization using Intune remediations and Defender KQL.

How I use Intune Proactive Remediation to hunt and remove unauthorized apps that users installed back when they had admin rights.