Application Resilience policies for Microsoft Defender for Endpoint

System requirements

Application Resilience policies for Defender for Endpoint are supported only on devices running a supported version of the Windows operating system and any version of Defender for Endpoint.

Health checks

In addition to checking the version, the following table describes the health checks performed:

Component	Test
Services	Running	Signed by
Windows Defender Advanced Threat Protection Service (MsSense.exe)	P	Microsoft Windows Publisher
Registry keys	Exists	Key value
HKLM:\SOFTWARE\Policies\Microsoft\Windows Advanced Threat Protection	P	OnboardingInfo

About repairing Defender for Endpoint

You can configure an Application Resilience policy for Defender for Endpoint to enable the Application Resilience (RAR) component A lightweight software component of the Absolute agent that detects the status of third party applications installed on a device. The component may also attempt to repair the third party application if it is non-compliant. The RAR component is deployed on a device only when the device is associated with a customized policy group and that policy group's Application Resilience policy is activated. to attempt to repair Defender for Endpoint if it's not functioning.

NOTE The Report, repair, and reinstall option isn't supported. Depending on the Absolute product licenses associated with your account, the Report and repair option may not be available.

The RAR component of the Absolute agent can respond to the following issues:

Issue	Resolution
Repair
The Windows Defender Advanced Threat Protection Service (MsSense.exe) isn't running	The RAR component restarts the service.

Configuring Application Resilience policies

Before you activate an Application Resilience policy you need to configure the policy.

NOTE You don't need to configure the application version for Defender for Endpoint.