Lookout classifies mobile threats of various types, so that you can match different classifications to the risk levels they represent for your organization. All threat classifications initially reflect the default threat levels assigned by Lookout. Administrators with Full Access to the MES Console can modify these settings from the Protections module:

Your MDM platform calculates device compliance according to these risk levels at runtime. The threat classification policy in MES directly drives the device compliance status in Intune.

Using Intune, an Administrator creates a Compliance Policy with a Device Health rule that specifies the maximum acceptable risk level.

You can add the rule to an existing compliance policy or create a new policy. For initial deployment, Lookout recommends creating a new compliance policy that is only enforced against a subset of test users.