diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/contoso-machine-group.png b/windows/security/threat-protection/microsoft-defender-atp/images/contoso-machine-group.png
new file mode 100644
index 0000000000..954724e574
Binary files /dev/null and b/windows/security/threat-protection/microsoft-defender-atp/images/contoso-machine-group.png differ
diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/jamfpro-policies.png b/windows/security/threat-protection/microsoft-defender-atp/images/jamfpro-policies.png
new file mode 100644
index 0000000000..bf7d34f9d9
Binary files /dev/null and b/windows/security/threat-protection/microsoft-defender-atp/images/jamfpro-policies.png differ
diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/onboarding-macos.png b/windows/security/threat-protection/microsoft-defender-atp/images/onboarding-macos.png
new file mode 100644
index 0000000000..e0cbad4ba1
Binary files /dev/null and b/windows/security/threat-protection/microsoft-defender-atp/images/onboarding-macos.png differ
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-install-jamfpro-login.md b/windows/security/threat-protection/microsoft-defender-atp/mac-install-jamfpro-login.md
index 95dd5fbc9e..319ed3379c 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-install-jamfpro-login.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-install-jamfpro-login.md
@@ -19,6 +19,10 @@ ms.topic: conceptual
# Log in to JamF Pro
+**Applies to:**
+
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Mac](microsoft-defender-atp-mac.md)
+
1. Enter your credentials.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-install-jamfpro.md b/windows/security/threat-protection/microsoft-defender-atp/mac-install-jamfpro.md
index df5ad2ad1c..1bfe968470 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-install-jamfpro.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-install-jamfpro.md
@@ -19,14 +19,18 @@ ms.topic: conceptual
# Deploying Microsoft Defender ATP for macOS with JamF Pro
+**Applies to:**
+
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Mac](microsoft-defender-atp-mac.md)
+
Learn how to deploy Microsoft Defender ATP for macOS with JamF Pro.
This is a multi step process. You'll need to complete all of the following steps:
- [Login to the JamF Portal](mac-install-jamfpro-login.md)
-- [Setup the device groups in JamF]()
-- [Setup the Microsoft Defender ATP policies for JamF]()
-- [Enroll the devices into JamF]()
+- [Setup the Microsoft Defender ATP for macOS device groups in JamF Pro](mac-jamfpro-device-groups.md)
+- [Setup the Microsoft Defender ATP for macOS policies in JamF Pro](mac-jamfpro-policies.md)
+- [Enroll the Microsoft Defender ATP for macOS devices into JamF]()
- [Enroll your macOS]()
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-jamfpro-device-groups.md b/windows/security/threat-protection/microsoft-defender-atp/mac-jamfpro-device-groups.md
index 7c838148de..1f5786a0c5 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-jamfpro-device-groups.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-jamfpro-device-groups.md
@@ -19,6 +19,10 @@ ms.topic: conceptual
# Set up Microsoft Defender ATP for macOS device groups in JamF Pro
+**Applies to:**
+
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Mac](microsoft-defender-atp-mac.md)
+
Set up the device groups similar to Group policy organizational unite (OUs), Microsoft Endpoint Configuration Manager's device collection, and Intune’s device groups.
1. Navigate to **Static Computer Groups**.
@@ -31,6 +35,9 @@ Set up the device groups similar to Group policy organizational unite (OUs), Mi
-4. Now you will see the “Contoso’s Machine Group” under “Static Computer Groups”.
+4. Now you will see the **Contoso's Machine Group** under **Static Computer Groups**.
- ![]()
\ No newline at end of file
+ 
+
+## Next step
+- [Set up Microsoft Defender ATP for macOS policies in JamF Pro](mac-jamfpro-policies.md)
\ No newline at end of file
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-jamfpro-policies.md b/windows/security/threat-protection/microsoft-defender-atp/mac-jamfpro-policies.md
new file mode 100644
index 0000000000..33f408134e
--- /dev/null
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-jamfpro-policies.md
@@ -0,0 +1,205 @@
+---
+title: Setup the Microsoft Defender ATP for macOS device groups in Jamf Pro
+description: Learn how to setup the Microsoft Defender ATP for macOS device groups in Jamf Pro
+keywords: microsoft, defender, atp, mac, installation, deploy, uninstallation, intune, jamfpro, macos, catalina, mojave, high sierra
+search.product: eADQiWindows 10XVcnh
+search.appverid: met150
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.author: dansimp
+author: dansimp
+ms.localizationpriority: medium
+manager: dansimp
+audience: ITPro
+ms.collection: M365-security-compliance
+ms.topic: conceptual
+---
+
+# Setup the Microsoft Defender ATP for macOS device groups in Jamf Pro
+
+**Applies to:**
+
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Mac](microsoft-defender-atp-mac.md)
+
+1. In the JamF Pro dashboard, navigate to **Configuration Profiles**.
+
+2. Select **New**.
+
+ 
+
+3. In [Microsoft Defender Security Center](https://securitycenter.microsoft.com ), navigate to **Settings > Onboarding**.
+
+4. Select macOS as the operating system and Mobile Device Management / Microsoft Intune as the deployment method.
+
+ 
+
+5. Select **Download onboarding package** (WindowsDefenderATPOnboardingPackage.zip).
+
+6. Extract `WindowsDefenderATPOnboardingPackage.zip` such as `WindowsDefenderATPOnboardingPackage_macOS_MDM_contoso`.
+
+7. Copy the file from `C:\Users\JaneDoe_or_JohnDoe.contoso\Downloads\WindowsDefenderATPOnboardingPackage_macOS_MDM_contoso\jamf\WindowsDefenderATPOnboarding.plist`.
+
+8. Use the following Microsoft Defender ATP configuration settings:
+ - enableRealTimeProtection
+ - passiveMode
+
+ >[!NOTE]
+ >Not turned on by default, if you are planning to run a third-party AV for macOS, set it to `true`.
+
+ - exclusions
+ - excludedPath
+ - excludedFileExtension
+ - excludedFileName
+ - exclusionsMergePolicy
+ - allowedThreats
+
+ >[!NOTE]
+ >EICAR is on the sample, if you are going through a proof-of-concept, remove it especially if you are testing EICAR.
+
+ - disallowedThreatActions
+ - potentially_unwanted_application
+ - archive_bomb
+ - cloudService
+ - automaticSampleSubmission
+ - tags
+ - hideStatusMenuIcon
+
+ For information, see [Property list for Jamf configuration profile](mac-preferences.md#property-list-for-jamf-configuration-profile).
+
+```
+
+
+
+
+ antivirusEngine
+
+ enableRealTimeProtection
+
+ passiveMode
+
+ exclusions
+
+
+ $type
+ excludedPath
+ isDirectory
+
+ path
+ /var/log/system.log
+
+
+ $type
+ excludedPath
+ isDirectory
+
+ path
+ /home
+
+
+ $type
+ excludedFileExtension
+ extension
+ pdf
+
+
+ $type
+ excludedFileName
+ name
+ cat
+
+
+ exclusionsMergePolicy
+ merge
+ allowedThreats
+
+ EICAR-Test-File (not a virus)
+
+ disallowedThreatActions
+
+ allow
+ restore
+
+ threatTypeSettings
+
+
+ key
+ potentially_unwanted_application
+ value
+ block
+
+
+ key
+ archive_bomb
+ value
+ audit
+
+
+ threatTypeSettingsMergePolicy
+ merge
+
+ cloudService
+
+ enabled
+
+ diagnosticLevel
+ optional
+ automaticSampleSubmission
+
+
+ edr
+
+ tags
+
+
+ key
+ GROUP
+ value
+ ExampleTag
+
+
+
+ userInterface
+
+ hideStatusMenuIcon
+
+
+
+
+```
+
+10. Configure the notification settings (macOS 10.15 (Catalina) or newer). For more information, see [Notification settings](mac-install-with-jamf.md#notification-settings).
+
+```
+
+
+PayloadContentNotificationSettingsAlertType2BadgesEnabledBundleIdentifiercom.microsoft.autoupdate2CriticalAlertEnabledGroupingType0NotificationsEnabledShowInLockScreenShowInNotificationCenterSoundsEnabledAlertType2BadgesEnabledBundleIdentifiercom.microsoft.wdavtrayCriticalAlertEnabledGroupingType0NotificationsEnabledShowInLockScreenShowInNotificationCenterSoundsEnabledPayloadDescriptionPayloadDisplayNamenotificationsPayloadEnabledPayloadIdentifierBB977315-E4CB-4915-90C7-8334C75A7C64PayloadOrganizationMicrosoftPayloadTypecom.apple.notificationsettingsPayloadUUIDBB977315-E4CB-4915-90C7-8334C75A7C64PayloadVersion1PayloadDescriptionPayloadDisplayNamemdatp - allow notificationsPayloadEnabledPayloadIdentifier85F6805B-0106-4D23-9101-7F1DFD5EA6D6PayloadOrganizationMicrosoftPayloadRemovalDisallowedPayloadScopeSystemPayloadTypeConfigurationPayloadUUID85F6805B-0106-4D23-9101-7F1DFD5EA6D6PayloadVersion1
+
+
+
+
+ ChannelName
+ InsiderFast
+ HowToCheck
+ AutomaticDownload
+ EnableCheckForUpdatesButton
+
+ DisableInsiderCheckbox
+
+ SendAllTelemetryEnabled
+
+
+
+
+```
+ Save it as `AutoEnable_notifications_for_MDATP_AutoUpdate.mobileconfig` or `MDATP_MDAV_notification_settings.plist`.
+
+
+12. Configure Microsoft AutoUpdate (MAU).
+
+ - JAMF - Set preferences for Microsoft AutoUpdate. For more infomation, see [JAMF](mac-updates.md#jamf).
+ - Save the file as e.g. MDATP_MDAV_MAU_settings.plist
+
+
+