How Microsoft Defender Health Status is Determined - Connect IT Community

/* * These styles apply ONLY to the header and footer assets. */ * { padding: 0; margin: 0; box-sizing: border-box; } .super-nav { display: flex; justify-content: flex-end; align-items: center; margin: 0 auto; max-width: 1264px; padding-left: 40px; padding-right: 40px; height: 40px; text-align: right; } .super-nav a { color: #34427c; margin-right: 20px; padding: 10px; text-decoration: none; } .super-nav a:hover, .super-nav a:focus { background-color: #f7f9fa; } .footer { background: #f5f5f6; color: #555a62; font-size: 14px; line-height: 1.5; padding: 0; } .footer-image { background-image: url("/themes/kaseya/assets/images/footerImage.png"); height: 500px; background-repeat: no-repeat; background-size: cover; margin-top: -100px; } .footer-wrap { padding-left: 18px; padding-right: 18px; max-width: 1236px; margin: 0 auto; } .footer-main-content { background-color: #000; padding: 100px 0; } .footer .footer-col-title { color: #ffffff; font-weight: 700; font-size: 13px; padding-bottom: 10px; text-transform: uppercase; } .footer .footer-link { color: #9b9ca0; text-decoration: none; } .footer .footer-link:hover, .footer .footer-link:focus, .footer .footer-link:active { text-decoration: underline; } .footer-main-content .footer-link { padding-top: 10px; } .footer-row { display: flex; flex-wrap: wrap; justify-content: space-between; align-items: center; margin: -3px; } .footer-main-content-row { align-items: flex-start; } .footer-bottom-content { padding: 10px; align-items: center; } .footer-col { padding: 0 3px; display: flex; flex-direction: column; } .footer-col-copyRight { justify-content: flex-start; color: #9b9ca0; flex: 1; display: flex; } .footer-last-col { flex-direction: row; } .footer-last-col .footer-link { padding-right: 10px; text-transform: uppercase; } @media screen and (max-width: 768px) { .super-nav { padding-right: 0; } .footer-image { height: 250px; } .footer-main-content { padding: 40px 0; } .footer .footer-col-title { padding-top: 10px; } .footer-row:not(.footer-main-content-row) { display: block; } .footer-col:not(.footer-main-content-col) { width: 100%; text-align: center; padding: 10px 0; } .footer-main-content-col { width: 50%; } .footer-last-col { flex-direction: column; } .footer-last-col .footer-link { padding-bottom: 10px; } } /*# sourceMappingURL=styles.css.map */ Ask the Community Groups

How Microsoft Defender Health Status is Determined - Connect IT Community | Kaseya

Where does Defender Health status come from?

Microsoft Defender reports the health status of its endpoint agent. Defender Manager collects this information and uses it to display the overall health status of a managed Defender device.

Defender Manager will mark a device as unhealthy if it displays any of these indicators.

Specific Health status indicators will be displayed on the Defender Tab on the Device Details page as seen below:

In the example above the device is unhealthy because Status: Service is not running.

Disabling certain features such as real-time scanning does not indicate an unhealthy device as it may be a desired configuration of the customer.

Defender Health Indicators
SERVICE_UNAVAILABLE	Service not running.
MPENGINE_UNAVAILABLE	Service started without any malware protection engine.
THREAT_FULLSCAN_REQUIRED	Pending full scan due to threat action.
THREAT_REBOOT_REQUIRED	Pending reboot due to threat action.
THREAT_MANUAL_STEPS_REQUIRED	Pending manual steps due to threat action.
DUE_AV_SIGNATURE	Antivirus signatures out of date.
DUE_AS_SIGNATURE	Antispyware signatures out of date.
DUE_QUICK_SCAN	No quick scan has happened for a specified period.
DUE_FULL_SCAN	no full scan has happened for a specified period
DUE_SAMPLES	There are samples pending submission.
NONGENUINE	Product is running in non-genuine Windows mode.
PRODUCT_EXPIRED	Product expired.
SERVICE_ON_SYSTEM_SHUTDOWN	Service is shutting down as part of system shutdown.
SERVICE_CRITICAL_FAILURE	Threat remediation failed critically.
SERVICE_NON_CRITICAL_FAILURE	Threat remediation failed non-critically.
DUE_PLATFORM_UPDATE	The platform is out of date.
INPROGRESS_PLATFORM_UPDATE	Platform update is in progress.
PLATFORM_ABOUT_TO_BE_OUTDATED	The platform is about to be outdated
END_OF_LIFE	The signature or platform end of life is past or is pending.