Is MDEValidator free?

Yes, MDEValidator is completely free to use. It is an open-source tool available to the Intune community.

PowerShell ModuleSecurity

MDEValidator

A PowerShell module for validating Microsoft Defender for Endpoint configurations. Checks service status, real-time protection, cloud protection, ASR rules, network protection, tamper protection, SmartScreen policies, and MDE onboarding status with HTML and console reporting.

Works with

WindowsDefender

Created by

Nathan Hutchinson

View on GitHubGitHub Download

Security Analysis

6of 6

All Checks Passed

2 files scanned on Jan 8, 2026

No Obfuscated Code

No Remote Execution

No Credential Theft

No Data Exfiltration

No Malicious Patterns

No Hardcoded Secrets

AI Analysis

No security issues detected. Code appears safe for an Intune management tool.

Screenshots

PS Script

Intune Make Enrollment User Admin

This Intune-deployable script elevates the enrollment user to a local administrator on Windows devices. Packaged as an .INTUNEWIN app, it is deployed through Microsoft Intune to targeted users with install and uninstall commands to grant or revoke admin rights after enrollment. It uses a requirements check for detection and can be reconfigured later, providing an Autopilot-like capability fully managed by Intune.

Niklas Rast

PS Script

IntuneStatefulDeviceFingerprinting

KuShu-Shimon Intune Stateful Device Fingerprinting (ISDF) provides a tamper-resistant device fingerprint for enrolled Windows devices, enforced via Intune Custom Compliance and DPAPI-encrypted baselines. In Cloud mode it attests fingerprints to Entra ID through APIM and a Logic App to enable trusted device filters, dynamic groups, and stronger Conditional Access policies. The solution collects on-device signals, stores encrypted baselines, self-heals missing keys, and reports ISDF booleans for compliant state.

Graham Hild

Web App

KQL Search

A specialized search engine for discovering Kusto Query Language (KQL) queries. Features query discovery across Microsoft Sentinel, Defender, and Azure Data Explorer, along with a Query Assistant, Query Generator, Query Lab for testing, and Device Query functionality. Aggregates community-contributed hunting queries and detection rules for threat hunting, vulnerability management, and incident response.

Ugur Koc

Documentation

OpenIntuneBaseline

A community-driven security baseline framework for Microsoft Intune. Provides pre-configured security policies for Windows, Windows 365, and macOS aligned with NCSC, CIS Benchmarks, ACSC Essential Eight, and Microsoft best practices. Importable via IntuneManagement tool or native Intune import.

James Robinson