If you run the command:
you’d except to see all your Intune configuration policies displayed.
However, after connecting to the Microsoft Graph module you see that nothing is returned. My experience has also been receiving incomplete results using these commands.
What I have found is that using the Microsoft Graph directly by using commands like:
$uri = “https://graph.microsoft.com/beta/deviceManagement/deviceConfigurations/”
(Invoke-MSGraphRequest -Url $URI -HttpMethod GET).value
produces the desired results as shown above in the same environment.
So my tip is when working with Intune and Endpoint Manager with PowerShell is, use the Microsoft Grah directly to obtain and set the information you need.
As the MS documentation says:
Microsoft Defender External Attack Surface Management (Defender EASM) continuously discovers and maps your digital attack surface to provide an external view of your online infrastructure.
Basically you plug in your resources like:
- Web Pages
- IP Blocks
- IP Addresses
- SSL Certificates
- WHOIS Contacts
Defender EASM will then use these as a ‘seed’ to search through public information and report back.
You’ll then discover not only if you have any vulnerabilities in things like routers, web sites, etc but you’ll also probably find a whole swag of information that you didn’t know was out there.
In short, Defender EASM, acts as kind of a scheduled ‘penetration test’ for your environment, which I think is super handy
As you can see above, it ain’t very expensive either! To me that makes it a no-brainer. In my environment I have 40 odd discovered assets making the cost 64 cents a day and just over $19 per month! Peanuts for what it provides. Best of all, you also get a a free 30 day trial to see what it is all about.
Like Microsoft Sentinel back in the day, it is still early days for this service and I expect it to improve rapidly so now is the time to jump on board and start using it to get a feel for what it is all about. I certain have, and I encourage you to do the same.
Microsoft has documentation here:
Defender EASM Overview
if you want to read more.
Join me for the free monthly CIAOPS Need to Know webinar. Along with all the Microsoft Cloud news we’ll be taking a look at Teams Shared Channels in Microsoft 365.
Shortly after registering you should receive an automated email from Microsoft Teams confirming your registration, including all the event details as well as a calendar invite.
You can register for the regular monthly webinar here:
August Webinar Registrations
(If you are having issues with the above link copy and paste – https://bit.ly/n2k2208 – into your browser or scan this QR code)
The details are:
CIAOPS Need to Know Webinar – August 2022
Friday 26th of August 2022
11.00am – 12.00am Sydney Time
All sessions are recorded and posted to the CIAOPS Academy.
The CIAOPS Need to Know Webinars are free to attend but if you want to receive the recording of the session you need to sign up as a CIAOPS patron which you can do here:
or purchase them individually at:
Also feel free at any stage to email me directly via firstname.lastname@example.org with your webinar topic suggestions.
I’d also appreciate you sharing information about this webinar with anyone you feel may benefit from the session and I look forward to seeing you there.