Powershell

A field note on using Intune proactive remediations to detect Microsoft Defender version drift, trigger updates, and keep evidence.

Shadow IT is the natural enemy of a clean software inventory. In my environment, users with legacy local admin rights used to install whatever they wanted—unapproved browsers, outdated image editors, and “handy” utilities. These apps quickly became an IT headache, especially when Microsoft Defender for Endpoint flagged them as End-of-Life (EOL) or End-of-Support (EOS). Instead of playing whack-a-mole with individual apps in the portal, I developed a workflow that starts with a deep hunt in Defender and ends with an automated “kill” via Intune. ...

How we standardized reset outcomes with one custom ISO for USB resets and one Win32 cleanup app for stock Windows reset paths.

How I clean up unauthorized Firefox installations across my organization using Intune remediations and Defender KQL.

Use Intune proactive remediation to keep Firefox updated by checking versions and auto-installing updates.