MicrosoftDocs
diff --git a/‎memdocs/intune/protect/includes/security-config-mgt-prerequisites.md‎
Lines changed: 3 additions & 7 deletions b/‎memdocs/intune/protect/includes/security-config-mgt-prerequisites.md‎
Lines changed: 3 additions & 7 deletions
diff --git a/‎memdocs/intune/protect/media/mde-security-integration/add-role-in-mde.png‎
-79.8 KB b/‎memdocs/intune/protect/media/mde-security-integration/add-role-in-mde.png‎
-79.8 KB
diff --git a/‎memdocs/intune/protect/media/mde-security-integration/add-role.png‎
-65.3 KB b/‎memdocs/intune/protect/media/mde-security-integration/add-role.png‎
-65.3 KB
@@ -4,7 +4,7 @@ description: include file
 author: brenduns
 ms.service: microsoft-intune
 ms.author: brenduns
-ms.date: 05/12/2022
+ms.date: 09/12/2022
 ms.topic: include
 ---
 ## Prerequisites
@@ -123,13 +123,9 @@ To support Microsoft Defender for Endpoint security configuration management thr
    > [!TIP]
    > Use pilot mode and the proper device tags to test and validate your rollout on a small number of devices. Without using pilot mode, any device that falls into the scope configured will automatically be enrolled.
 
-1. Make sure the relevant users have permissions to manage endpoint security settings in Microsoft Endpoint Manager or grant those permissions by configuring a role in the Microsoft 365 Defender portal. Go to **Settings** > **Roles** > **Add item**:
-   :::image type="content" source="../media/mde-security-integration/add-role-in-mde.png" alt-text="Create a new role in the Defender portal.":::
-   > [!TIP]
-   > You can modify existing roles and add the necessary permissions versus creating additional roles in Microsoft Defender for Endpoint
-1. When configuring the role, add users and be sure to select **Manage endpoint security settings in Microsoft Endpoint Manager**:
+1. Make sure the relevant users have permissions to manage endpoint security settings in Microsoft Endpoint Manager. If not already provided, request for your IT administrator to grant applicable users the Microsoft Endpoint Manager’s **Endpoint Security Manager** [built-in RBAC role](../fundamentals/role-based-access-control.md).
+
 
-      :::image type="content" source="../media/mde-security-integration/add-role.png" alt-text="Grant users permissions to manage settings.":::
 1. Sign in to the [Microsoft Endpoint Manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431).
 1. Select **Endpoint security** > **Microsoft Defender for Endpoint**, and set **Allow Microsoft Defender for Endpoint to enforce Endpoint Security Configurations** to **On**.