New update (in preview) for Defender for Endpoint: enroll devices without joining them to Azure AD.

You need to enable the preview feature in the Defender for Endpoint portal: Settings > Endpoints > Advanced features > Preview features

Then create a dynamic group based on the systemLabels property containing the “MDEManaged” value to get all MDE-managed devices.

“Important: If a Windows device was managed by Defender for Endpoint via
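
The dynamic group from the step above can be created with the Microsoft Graph PowerShell SDK. This is an added example, not part of the original post; the group name, mail nickname and the `-contains` form of the membership rule are assumptions.

```powershell
# Added example: create (or repair) the dynamic device group for MDE-managed devices.
# Assumptions: the Microsoft.Graph PowerShell SDK is installed; the group name,
# nickname and exact rule syntax are illustrative, not taken from the original post.
#Requires -Modules Microsoft.Graph.Groups

$displayName = 'MDE-Managed-Devices'                          # hypothetical name
$rule        = '(device.systemLabels -contains "MDEManaged")' # systemLabels is a collection

Connect-MgGraph -Scopes 'Group.ReadWrite.All' | Out-Null

# Reuse the group if it already exists so the script can be re-run safely.
$group = Get-MgGroup -Filter "displayName eq '$displayName'" -Top 1 `
    -Property 'id,displayName,membershipRule'

if (-not $group) {
    $group = New-MgGroup -DisplayName $displayName `
        -Description 'Devices managed by Defender for Endpoint (systemLabels contains MDEManaged)' `
        -MailEnabled:$false -MailNickname 'mde-managed-devices' -SecurityEnabled `
        -GroupTypes @('DynamicMembership') `
        -MembershipRule $rule -MembershipRuleProcessingState 'On'
}
elseif ($group.MembershipRule -ne $rule) {
    # Existing dynamic group whose rule has drifted: bring it back in line.
    Update-MgGroup -GroupId $group.Id -MembershipRule $rule -MembershipRuleProcessingState 'On'
}

# Dynamic membership is evaluated asynchronously, so an empty list
# right after creation is normal.
Get-MgGroupMember -GroupId $group.Id -All |
    ForEach-Object { $_.AdditionalProperties['displayName'] }
```

Review the resulting membership before assigning security policies to the group, since every device carrying the label is included automatically.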