M365 Archive

RM498899 - Microsoft Intune: Additional granular RBAC controls to manage Antivirus, Firewall, BitLocker, and Endpoint Detection and Response endpoint security workloads

Microsoft 365 Roadmap

Summary

Expanded granular RBAC controls to manage Endpoint Security workloads. The ‘Security baselines’ permission previously included all security policies and now all security workloads have their own permission set

Roadmap ID

498899

View in M365 Roadmap

Last Updated

Oct 1, 2025

Published Aug 18, 2025

Status

In development

Release

General Availability

Platforms

Android
Desktop
iOS
Mac

Service

Microsoft Intune

Tag

In development
General Availability
Worldwide (Standard Multi-Tenant)
GCC
GCC High
DoD

Cloud

DoD
GCC
GCC High
Worldwide (Standard Multi-Tenant)

Description

Expanded granular RBAC controls to manage Endpoint Security workloads. The ‘Security baselines’ permission previously included all security policies and now all security workloads have their own permission set

GA date: November CY2025