If you want to remove a device from being managed by Microsoft Defender Security Center and bring it under Intune management, follow these steps:

Step 1: Exclude the Device from Specific Security Scans

  • Navigate to the Microsoft Defender Security Center (security.microsoft.com) and log in with your admin credentials.
  • Go to the “Devices” section and select the device you want to manage differently.
  • Use the “Exclude” option if you want to exclude the device from specific security scans or detections.
  • Note: Excluding a device does not remove it from Defender management; it simply excludes it from certain security activities.

Step 2: Remove the Device from Microsoft Defender Security Center

  • If you need to completely remove the device from Defender management, select “Manage” and then choose “Remove from Microsoft Defender Security Center” (or similar option).
  • Confirm the removal to ensure the device is no longer managed by Microsoft Defender.

Step 3: Enroll the Device in Intune

  • Sign in to the Microsoft Endpoint Manager admin center with your Intune administrator credentials.
  • Navigate to “Devices” and select the appropriate enrollment method (e.g., Autopilot, Azure AD join, or manual enrollment).
  • Follow the prompts to enroll the device in Intune. This may include providing device-specific information, user credentials, and accepting policies.

Once the enrollment is complete, the device will be managed by Intune, with the security and compliance policies you have set up within your Intune environment.

Note: Excluding a device from Microsoft Defender Security Center and enrolling it into Intune are separate processes, and one does not automatically trigger the other. Make sure to follow both steps as needed to fully transition management from Defender to Intune.