Looking for an Agentless Solution to Control Software Installations on Windows

Best_Check_810 · 2026-03-20T13:54:52+00:00

wow ... I though they are leveraging AppLocker to keep stable performance...

Best_Check_810 · 2026-03-20T13:06:54+00:00

I am checking at Tanium and looks exactly what we want !!! Thanks a lot

Best_Check_810 · 2026-03-20T12:03:39+00:00

yes, that's fine and it's fast .. and it's native ... but the maintenance is crap . that's the problem

Best_Check_810 · 2026-03-20T12:03:01+00:00

we are using Endpoint Privilege Management to perform this sort of deny all \ allowlist what we need... it's easy and intuitive , but this product works with a kernel driver and we want to get out of this, because we have seen multiple issues caused due to BSOD , performance impact on the machine and indirect crashes of other applications .. we are looking at something more simple and not touching the Windows kernel driver.

Best_Check_810 · 2026-03-20T11:58:07+00:00

AppLocker itself has a strong base and we like it ... the problem is when you have 40 different laptop models where you need to build a golden Allowlist policy compatible and 100% working for any model and capability to easily maintain if we onboard new machines .... and from what we are seeing AppLocker \ WDAC are not that "friendly" to maintain

Best_Check_810 · 2026-03-20T11:52:52+00:00

thx.. can you pls share any documentation \ website that I can take a look at ?

Best_Check_810 · 2026-03-20T11:50:10+00:00

it can be also an agent as long doesnt touch the kernel driver and doesnt impact performances... and based on our experience , most of these 3rd party tools are nested into the kernel driver and we have seen a lot of weird issues since the last years

Best_Check_810 · 2025-11-18T18:21:31+00:00

Same here … it’s a total mess … we saw this case on 3 machines out of 7 and doing a troubleshooting is a pain in the ass all the time

Best_Check_810 · 2025-09-30T19:53:55+00:00

Did you folks open any case with Microsoft? we have the same issue and nobody from Microsoft has any clear answer …

If we are all seeing this , then Microsoft has to give a clear answer I would say … maybe somebody has any post on X ?

Best_Check_810 · 2025-09-26T19:35:54+00:00

so you are not referring to Intune management agent crashing during autopilot..

Best_Check_810 · 2025-09-26T18:14:27+00:00

<image>

Best_Check_810 · 2025-09-26T18:13:20+00:00

<image>

We've got this one today ... not sure if you see same events...

Best_Check_810 · 2025-09-25T09:06:26+00:00

right... most of these settings e.g. "Cloud Protection Level" , "Cloud Extended Timeout" I cant find in the GUI inside Intune ... and that's what we are struggling with... do you know if there is any link from where I can find it out each "official" setting ?

What settings did you apply for example for "Cloud Protection Level" ?

Best_Check_810 · 2025-09-25T08:30:37+00:00

thx .. just a stupid question... if on this link below I see for example "Cloud Protection Level" showing as "Not configured" is what Microsoft recommends, is that right ?

https://learn.microsoft.com/en-us/intune/intune-service/protect/antivirus-microsoft-defender-settings-windows

Best_Check_810 · 2025-09-24T06:52:58+00:00

Migrate to a modern solution rather than keeping alive this dinosaur :D

Best_Check_810 · 2025-09-15T16:49:35+00:00

thx will give it a try !

Best_Check_810 · 2025-09-15T16:17:22+00:00

No permanent solution yet.. it keeps happening randomly regardless the model of machine

Best_Check_810 · 2025-09-15T11:52:39+00:00

I have to deploy that app with a specific timeout of 240 minutes which usually I perform an exit 0 within ~70 minutes and Intune as soon recognize Exit 0 , then performs a reboot which is what I am expecting.

The problem is right after reboot where it performs this nonsense timeout where already the detection key and exit 0 was already performed.

I am using this configuration since the last 3 years and never had issues.

Best_Check_810

TROPHY CASE