As you know, Intune/Endpoint Configuration Manager allows you to define policies to managed devices configuration and security settings.

Until now, all these configuration settings were available only using the DevicesConfiguration Profiles and some of these settings were associated with profile type not always directly related to security.

To help you and your security teams to setup your devices security configuration (antivirus, firewall, disk encryption…), new security focused policies have been made available.

NOTE if you already have some security settings in place using the Configuration Profiles, they are not reported back here

To start using these new security focused policies, logon to your Endpoint Configuration Manager portal (https://devicemanagement.microsoft.com/) and access the Endpoint Security blade

There you will see the new policies options under the Manage section, allowing you configure antivirus, firewall, disk encryption, attack surface reduction or account protection options

These options are applicable to Windows 10 (and Windows Defender) or MacOS devices.