Seeking Guidance on Monitoring Antivirus Coverage in Intune with PowerShell

Swahela Mulla 90 Reputation points
2023-10-17T14:58:18.6933333+00:00

Hello,

I am interested in monitoring the antivirus coverage rate of endpoints managed through Microsoft Intune. Specifically, I need to determine the percentage of endpoints with active and up-to-date antivirus software installed, based on reporting data from Intune.

If anyone has a PowerShell script, command, or API that can assist me in achieving this programmatically within the context of Intune, please share your guidance and assistance.

Additionally, if anyone has a step-by-step document or tutorial that covers the process within Intune, it would be extremely helpful if you could share that with me.

Thank you in advance for your support and insights.


1 answer

  1. Crystal-MSFT 45,486 Reputation points Microsoft Vendor
    2023-10-18T02:00:19.9033333+00:00

    @Swahela Mulla, Thanks for posting in Q&A. From your description, I know you want to monitor the percentage of endpoints with up-to-date antivirus software.

    As far as I know, maybe you can configure a custom compliance policy to monitor the antivirus software status:

    1. Firstly, check if there's any registry key or file which can determine whether the antivirus is updated.
    2. Then create a custom compliance discovery script to detect whether the antivirus software is updated. https://video2.skills-academy.com/en-us/mem/intune/protect/compliance-custom-script
    3. Create a custom compliance policy to mark the devices without the updated antivirus as not compliant.

    Here is an example to detect an app for your reference:

    https://andrewstaylor.com/2022/06/14/understanding-custom-intune-compliance-policies/

    Note: Non-Microsoft link, just for the reference.

    After the compliance policy is applied, we can get the percentage of endpoints with up-to-date antivirus software via the compliance status of this policy as a workaround.

    Hope the above information can help.


    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
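
A sketch of the discovery script from step 2, added here as an example and not part of the original answer. It assumes the endpoint antivirus is Microsoft Defender Antivirus (read through `Get-MpComputerStatus`); the three setting names are hypothetical and must match the `SettingName` values in the JSON rules file uploaded with the custom compliance policy.

```powershell
# Added example: Intune custom compliance discovery script.
# Assumption: the antivirus on the device is Microsoft Defender Antivirus.
# Setting names are hypothetical; keep them identical to the SettingName
# entries in the JSON rules file attached to the compliance policy.

# Start from failing values so that a device whose status cannot be read
# is evaluated as non-compliant instead of silently passing.
$result = [ordered]@{
    AntivirusEnabled          = $false
    RealTimeProtectionEnabled = $false
    SignatureAgeDays          = 9999   # sentinel: status unavailable
}

try {
    # Throws if the Defender module or service is unavailable
    # (for example, when a third-party product has replaced it).
    $status = Get-MpComputerStatus -ErrorAction Stop

    $result.AntivirusEnabled          = [bool]$status.AntivirusEnabled
    $result.RealTimeProtectionEnabled = [bool]$status.RealTimeProtectionEnabled

    # AntivirusSignatureAge is reported in days as an unsigned 32-bit value;
    # Int64 avoids an overflow when no signatures are installed.
    $result.SignatureAgeDays          = [int64]$status.AntivirusSignatureAge
}
catch {
    # Keep the failing defaults; the script must still emit JSON.
}

# Intune expects the discovery script to return one line of compressed JSON.
return $result | ConvertTo-Json -Compress
```

The rules file then compares each returned setting against the expected value, for example requiring both Boolean settings to be true and `SignatureAgeDays` to stay under the maximum age your organization accepts. The share of devices compliant with that policy is the coverage figure described in the answer.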