spl · Apache-2.0 · from splunk/security_content
Microsoft Intune Manual Device Management
Microsoft Intune device management configuration policies, scripts and apps are all tools administrators can use to remotely manage Intune-managed devices. Instead of waiting for the devices to poll for changes to policies, the policies can be manually pushed to expedite delivery. This may be useful in a pinch, but it may also be a sign of an impatient attacker trying to speed up the delivery of their payload. This detection identifies when device management configuration policy sync events or on-demand remediation scripts are triggered, or when devices are remotely restarted.
Quality: 51
FP risk: —
Forks: 0
Views: 0