Hopefully that'll help protect us against some of the new variants of Ransomware that have sprung up in the past few years
For all my installs it always was enabled by default. And if not instantly after the os installed, the next defender platform update enabled it.
at SlowTech, You ever use CryptoPrevent or set Permissions through Group Policy Editor to combat RansomWare? CP is much easier. MalwareBytes and other apps do the same thing that CP has been doing all along.
First saw this on 1903 build though it's possible they put it in a previous non-ga build. This tamper protection is done by the defender service itself and is a pain in the ass to disable. IIRC you gotta go into the defender settings to temporarily disable it before changing your boot options to stop loading the defender service.