After upgrading to SEP 14.0 RU1 and newer, the Client Activity log shows warnings about Client Intrusion Detection System (CIDS) and Memory Exploit Mitigation (MEM).

Memory Exploit Mitigation Custom Applications disabled by license policy.

1/16/2018 10:31:04 AM Warning Memory Exploit Mitigation Custom Applications disabled by license policy

It is an expected warning when the SEPM server is not enrolled with the Cloud (14.1).

This message is informational only and can be ignored for SEPM servers that are not enrolled in the Cloud (14.1).

If SEP Shield shows a notification of one security policy protection component disabled, you must LOCK the Enable Memory Exploit Mitigation in the policy to rectify the issue

To Lock Memory Exploit Mitigation

1. In the console, click Clients.
2. Click the client group that you want to Lock Memory Exploit Mitigation, and then click the policy Policies tab.
3. Expand Location-specific Policies.
4. Next to Memory Exploit Mitigation, click Tasks > Edit Policy.
5. Click Memory Exploit Mitigation, and then click the locks next to Enable Memory Exploit Mitigation
6. Click OK.