diff --git a/Firmware/Intune BIOS Update Control/BIOSUpdate_PR/Invoke-IntuneBIOSUpdate-Detect.ps1 b/Firmware/Intune BIOS Update Control/BIOSUpdate_PR/Invoke-IntuneBIOSUpdate-Detect.ps1
new file mode 100644
index 0000000..e530805
--- /dev/null
+++ b/Firmware/Intune BIOS Update Control/BIOSUpdate_PR/Invoke-IntuneBIOSUpdate-Detect.ps1	
@@ -0,0 +1,292 @@
+<#
+.SYNOPSIS
+    BIOS Control detection script for MSEndpointMgr Intune MBM
+.DESCRIPTION
+    This proactive remediation script is part of the Intune version of Modern BIOS management. More information can be found at https://msendpointmgr.com 
+    NB: Only edit variables in the Declarations region of the script. 
+    The following variables MUST be set: 
+    1. DATUri - Url path to BIOSPackages.xml 
+.EXAMPLE
+	Invoke-IntuneBIOSUpdateDetect.ps1 - Run as SYSTEM 
+.NOTES
+	Version:    1.0
+    Author:     Maurice Daly / Jan Ketil Skanke @ Cloudway
+    Contact:    @JankeSkanke @Modaly_IT
+    Creation Date:  01.10.2021
+    Purpose/Change: Initial script development
+    Created:     2021-14-11
+    Updated:     
+    Version history:
+    1.0.0 - (2021.14.11) Script created
+#>
+#Region Initialisations
+# Set Error Action to Silently Continue
+$Script:ErrorActionPreference = "SilentlyContinue"
+# Enable TLS 1.2
+[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
+$Script:ExitCode = 0
+#Endregion Initialisations
+
+#Region Decalarations
+# Create and define Eventlog for logging - edit with caution
+$Script:EventLogName = 'MSEndpointMgr'
+$Script:EventLogSource = 'MSEndpointMgrBIOSMgmt'
+New-EventLog -LogName $EventLogName -Source $EventLogSource -ErrorAction SilentlyContinue
+
+# Define path to DAT provisioned XML
+$Script:DATUri = "<TO BE SET>"
+
+# Get manufacturer 
+$Script:Manufacturer = (Get-WmiObject -Class "Win32_ComputerSystem" | Select-Object -ExpandProperty Manufacturer).Trim()
+
+# Registry path for status messages - Edit with caution 
+$Script:RegPath = 'HKLM:\SOFTWARE\MSEndpointMgr\BIOSUpdateManagemement'
+
+# Defining BIOSUpdate Status Variables - Do not edit
+$Script:BIOSUpdateInprogress = $null
+$Script:BIOSUpdateAttempts = $null
+$Script:BIOSUpdateTime = $null
+$Script:BIOSDeployedVersion = $null
+#EndRegion Declarations 
+#Region Functions
+
+function Test-BIOSVersionHP{
+param (
+        [parameter(Mandatory = $true)]
+		[ValidateNotNullOrEmpty()]
+		[version]$BIOSApprovedVersion,
+        [parameter(Mandatory = $true)]
+		[ValidateNotNullOrEmpty()]
+		[string]$SystemID
+	)  
+    $Output = @{}
+    # Import HP Module 
+    Import-Module HP.ClientManagement
+
+    # Obtain current BIOS verison
+    [version]$CurrentBIOSVersion = Get-HPBIOSVersion
+
+    # Inform current BIOS deployment state
+    if ($BIOSApprovedVersion -gt $CurrentBIOSVersion){
+        $OutputMessage = "BIOS needs an update. Current version is $CurrentBIOSVersion, available version is $BIOSApprovedVersion"
+        $ExitCode = 1
+    } 
+    elseif ($BIOSApprovedVersion -eq $CurrentBIOSVersion) {
+        $OutputMessage = "BIOS is current on version $CurrentBIOSVersion"
+        $ExitCode = 0
+    } 
+    elseif ($BIOSApprovedVersion -lt $CurrentBIOSVersion) {
+        $OutputMessage = "BIOS is on a higher version than approved $CurrentBIOSVersion. Approved version $BIOSApprovedVersion"
+        $ExitCode = 0
+    } 
+    
+    $Output = @{
+         "Message" = $OutputMessage
+         "ExitCode" = $ExitCode
+    }
+
+    Return $Output
+}#endfunction
+function Test-BiosVersionDell{
+    param (
+            [parameter(Mandatory = $true)]
+            [ValidateNotNullOrEmpty()]
+            [array]$BIOSPackageDetails 
+        )
+    $OutputMessage = "Dell Not implemented"
+    $ExitCode = 0
+    $Output = @{
+        "Message" = $OutputMessage
+        "ExitCode" = $ExitCode
+    }
+    Return $Output
+    }#endfunction
+function Test-BiosVersionLenovo{
+    param (
+            [parameter(Mandatory = $true)]
+            [ValidateNotNullOrEmpty()]
+            [array]$BIOSPackageDetails 
+        )  
+    $OutputMessage = "Dell Not implemented"
+    $ExitCode = 0
+    $Output = @{
+        "Message" = $OutputMessage
+        "ExitCode" = $ExitCode
+    }
+    Return $Output
+}#endfunction
+
+#endregion Functions
+
+#region Script
+# Read in DAT XML
+[xml]$BIOSPackages = Invoke-WebRequest -Uri $DATUri -UseBasicParsing
+
+# Sort BIOS Packages into variable
+$BIOSPackageDetails = $BIOSPackages.ArrayOfCMPackage.CMPackage
+
+# Validate applicability
+switch -Wildcard ($Manufacturer) { 
+    {($PSItem -match "HP") -or ($PSItem -match "Hewlett-Packard")}{
+        Write-EventLog -LogName $EventLogName -EntryType Information -EventId 8001 -Source $EventLogSource -Message "Validated HP hardware check"
+        $HPPreReq = [boolean](Get-InstalledModule | Where-Object {$_.Name -match "HPCMSL"} -ErrorAction SilentlyContinue -Verbose:$false)
+        if ($HPPreReq){
+            # Import module
+            Import-Module HP.ClientManagement
+            # Get matching identifier from baseboard
+            $SystemID = Get-HPDeviceProductID
+            $SupportedModel = $BIOSPackageDetails | Where-Object {$_.Description -match $SystemID}
+            if (-not ([string]::IsNullOrEmpty($SupportedModel))) {
+                [version]$BIOSApprovedVersion = ($BIOSPackageDetails | Where-Object {$_.Description -match $SystemID} | Sort-Object Version -Descending  | Select-Object -First 1 -Unique -ExpandProperty Version).Split(" ")[0] 
+                $OEM = "HP"
+                Write-EventLog -LogName $EventLogName -EntryType Information -EventId 8001 -Source $EventLogSource -Message "$($SupportedModel.Description) succesfully matched on SKU $($SystemID)"
+            } 
+            else {
+                Write-EventLog -LogName $EventLogName -EntryType Warning -EventId 8002 -Source $EventLogSource -Message "Model with SKU value $($SystemID) not found in XML source. Exiting script"
+                Write-Output "Model with SKU value $($SystemID) not found in XML source. Exiting script"
+                Exit 0
+            }       
+        } 
+        else { 
+            # HP Prereq is missing. Exit script
+            Write-EventLog -LogName $EventLogName -EntryType Warning -EventId 8002 -Source $EventLogSource -Message "HP CMSL Powershell Module is missing. Remediation not possible."
+            Write-Output "HP Prereq missing. HPCMSL Powershell Module is missing. Remediation not possible."
+            Exit 0
+        }
+    }
+    {($PSItem -match "Lenovo")}{
+        Write-EventLog -LogName $EventLogName -EntryType Information -EventId 8001 -Source $EventLogSource -Message "Validated Lenovo hardware check"
+        $LenovoPreReq = $false
+        if ($LenovoPreReq){
+            # Get matching identifier from baseboard
+            $SystemID = "Something"
+            $SupportedModel = $BIOSPackageDetails | Where-Object {$_.Description -match $SystemID}
+            if (-not ([string]::IsNullOrEmpty($SupportedModel))) {
+                [version]$BIOSApprovedVersion = ($BIOSPackageDetails | Where-Object {$_.Description -match $SystemID} | Sort-Object Version -Descending  | Select-Object -First 1 -Unique -ExpandProperty Version).Split(" ")[0] 
+                $OEM = "Lenovo"
+            } 
+            else {
+                Write-EventLog -LogName $EventLogName -EntryType Information -EventId 8001 -Source $EventLogSource -Message "Model $ComputerModel with SKU value $SystemSKU not found in XML source"
+            }
+        }
+        else {
+        Write-EventLog -LogName $EventLogName -EntryType Warning -EventId 8002 -Source $EventLogSource -Message "$($Manufacturer) not implemented"
+        Write-output "$($Manufacturer) not implemented"
+        Exit 0
+        }
+    }
+    {($PSItem -match "Dell")}{
+        Write-EventLog -LogName $EventLogName -EntryType Information -EventId 8001 -Source $EventLogSource -Message "Validated Dell hardware check"
+        $DellPreReq = $false
+        if ($DellPreReq){
+            # Get matching identifier from baseboard
+            $SystemID = "Something"
+            $SupportedModel = $BIOSPackageDetails | Where-Object {$_.Description -match $SystemID}
+            if (-not ([string]::IsNullOrEmpty($SupportedModel))) {
+                [version]$BIOSApprovedVersion = ($BIOSPackageDetails | Where-Object {$_.Description -match $SystemID} | Sort-Object Version -Descending  | Select-Object -First 1 -Unique -ExpandProperty Version).Split(" ")[0] 
+                $OEM = "Dell"
+            } 
+            else {
+                Write-EventLog -LogName $EventLogName -EntryType Warning -EventId 8002 -Source $EventLogSource -Message "Model with SKU value $($SystemID) not found in XML source. Exiting script"
+                Write-Output "Model with SKU value $($SystemID) not found in XML source. Exiting script"
+                Exit 0
+            }       
+        }
+        else {
+            Write-EventLog -LogName $EventLogName -EntryType Warning -EventId 8002 -Source $EventLogSource -Message "$($Manufacturer) not implemented"
+            Write-output "$($Manufacturer) not implemented"
+            Exit 0
+        }
+
+    }
+    default {
+                Write-EventLog -LogName $EventLogName -EntryType Information -EventId 8001 -Source $EventLogSource -Message "Incompatible Hardware. $($Manufacturer) not supported"
+                Write-output "Incompatible Hardware. $($Manufacturer) not supported"
+                Exit 0
+    }
+}
+
+# Checking if registry entries for BIOS Update management exits and set to 0 if they don't exists
+if (-NOT(Test-Path -Path "$RegPath\")) {
+    New-Item -Path "$RegPath" -Force | Out-Null
+    New-ItemProperty -Path "$RegPath" -Name 'BIOSUpdateInprogress' -Value 0 -PropertyType 'DWORD' -Force | Out-Null
+    New-ItemProperty -Path "$RegPath" -Name 'BIOSUpdateAttempts' -Value 0 -PropertyType 'DWORD' -Force | Out-Null
+    New-ItemProperty -Path "$RegPath" -Name 'BIOSUpdateTime' -Value "" -PropertyType 'String' -Force | Out-Null
+    New-ItemProperty -Path "$RegPath" -Name 'BIOSDeployedVersion' -Value "" -PropertyType 'String' -Force | Out-Null
+}
+
+# Check if BIOS Update is in Progress
+$BiosUpdateinProgress = Get-ItemPropertyValue -Path "$($RegPath)\" -Name BIOSUpdateInprogress
+if ($BiosUpdateinProgress -ne 0){
+    Write-EventLog -LogName $EventLogName -EntryType Information -EventId 8001 -Source $EventLogSource -Message "BIOS Update is in Progress"
+    # Check if computer has restarted since last try 
+    [DateTime]$BIOSUpdateTime = Get-ItemPropertyValue -Path "$RegPath" -Name 'BIOSUpdateTime'
+    $LastBootime = Get-Date (Get-CimInstance -ClassName Win32_OperatingSystem | Select-Object -ExpandProperty LastBootUpTime)
+    if ($BIOSUpdateTime -gt $LastBootime){
+        # Computer not restarted - Invoke remediation to notify user to reboot
+        Write-EventLog -LogName $EventLogName -EntryType Information -EventId 8001 -Source $EventLogSource -Message "BIOSUpdateTime is newer than last reboot, pending first reboot"
+        Exit 1
+    }
+    else {
+        # Step 4 Computer restarted - Check BIOS Version
+        Write-EventLog -LogName $EventLogName -EntryType Information -EventId 8001 -Source $EventLogSource -Message "Computer has restarted - validate bios version"
+        $TestBiosCommand = "Test-BIOSVersion$($OEM) -BIOSApprovedVersion $($BIOSApprovedVersion) -SystemID $($SystemID)"
+        $BIOSCheck = Invoke-Expression $TestBiosCommand
+
+        if ($BIOSCheck.ExitCode -eq 0){
+            Write-EventLog -LogName $EventLogName -EntryType Information -EventId 8001 -Source $EventLogSource -Message "Update Complete - Clean up in registry"
+            Set-ItemProperty -Path "$RegPath" -Name 'BIOSUpdateInprogress' -Value 0
+            Set-ItemProperty -Path "$RegPath" -Name 'BIOSUpdateAttempts' -Value 0 
+            Set-ItemProperty -Path "$RegPath" -Name 'BIOSUpdateTime' -Value "" 
+            Set-ItemProperty -Path "$RegPath" -Name 'BIOSDeployedVersion' -Value "" 
+            Write-EventLog -LogName $EventLogName -EntryType Information -EventId 8001 -Source $EventLogSource -Message "$($BIOSCheck.Message)"
+            Write-Output "$($BIOSCheck.Message)"
+            Exit 0
+        }
+        else {
+            #Step 5 Computer restarted - BIOS not updated - Invoke remediation if threshold not met
+            [int]$Attempts = Get-ItemPropertyValue -Path $RegPath -Name 'BIOSUpdateAttempts'
+            if ($Attempts -gt 3){
+                Write-EventLog -LogName $EventLogName -EntryType Warning -EventId 8002 -Source $EventLogSource -Message "Update not completed after reboot - giving up after $($Attempts) attempts"
+                Write-Output "Update not completed after reboot - giving up after $($Attempts) attempts"
+                Exit 0     
+            } else {
+                Set-ItemProperty -Path $RegPath -Name 'BIOSUpdateAttempts' -Value $Attempts
+                Write-EventLog -LogName $EventLogName -EntryType Information -EventId 8001 -Source $EventLogSource -Message "Update not completed after reboot - Attempts: $($Attempts) - Call remediation script"            
+                Write-Output "$($BIOSCheck.Message)"
+                #$Attempts++
+                Exit 1
+            }
+        }
+    }
+} else {
+    # Step 6 BIOS Update not in progress - Check BIOS Version
+    Write-EventLog -LogName $EventLogName -EntryType Information -EventId 8001 -Source $EventLogSource -Message "Validate bios version"
+    $TestBiosCommand = "Test-BIOSVersion$($OEM) -BIOSApprovedVersion $($BIOSApprovedVersion) -SystemID $($SystemID)"
+    $BIOSCheck = Invoke-Expression $TestBiosCommand
+
+    if ($BIOSCheck.ExitCode -eq 1){
+        Write-EventLog -LogName $EventLogName -EntryType Information -EventId 8001 -Source $EventLogSource -Message "$($BIOSCheck.Message)"
+        Write-Output "$($BIOSCheck.Message)"
+        Exit 1
+    }
+    else {
+        Write-EventLog -LogName $EventLogName -EntryType Information -EventId 8001 -Source $EventLogSource -Message "$($BIOSCheck.Message)"
+        Write-Output "$($BIOSCheck.Message)"
+        Exit 0
+    } 
+}
+
+#endregion script
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/Firmware/Intune BIOS Update Control/BIOSUpdate_PR/Invoke-IntuneBIOSUpdate-Remediate.ps1 b/Firmware/Intune BIOS Update Control/BIOSUpdate_PR/Invoke-IntuneBIOSUpdate-Remediate.ps1
new file mode 100644
index 0000000..cdd0f72
--- /dev/null
+++ b/Firmware/Intune BIOS Update Control/BIOSUpdate_PR/Invoke-IntuneBIOSUpdate-Remediate.ps1	
@@ -0,0 +1,660 @@
+<#
+.SYNOPSIS
+    BIOS Control remediation script for MSEndpointMgr Intune MBM
+.DESCRIPTION
+    This proactive remediation script is part of the Intune version of Modern BIOS management. More information can be found at https://msendpointmgr.com 
+    NB: Only edit variables in the Declarations region of the script. 
+    The following variables MUST be set: 
+    1. DATUri - Url path to BIOSPackages.xml 
+    2. LogoImageUri - Url to logo image for toast notification 
+    3. HeroImageUri - Url to hero image for toast notification 
+
+    If you have a common BIOS password on all devices, that can be added to this script for support (HP), but be aware that both local admin users on the devices and Intune admins will 
+    be able to retrive this password if you do so. 
+
+.EXAMPLE
+	Invoke-IntuneBIOSUpdateRemediate.ps1 - Run as SYSTEM 
+.NOTES
+	Version:    1.0
+    Author:     Maurice Daly / Jan Ketil Skanke @ Cloudway
+    Contact:    @JankeSkanke @Modaly_IT
+    Creation Date:  01.10.2021
+    Purpose/Change: Initial script development
+    Created:     2021-14-11
+    Updated:     
+    Version history:
+    1.0.0 - (2021.14.11) Script created
+#>
+
+#region Initialisations
+# Set Error Action to Silently Continue
+$Script:ErrorActionPreference = "SilentlyContinue"
+# Enable TLS 1.2
+[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
+$Script:ExitCode = 0
+#endregion Initialisations
+#region Decalarations 
+# Create and define Eventlog for logging - edit with caution 
+$Script:EventLogName = 'MSEndpointMgr'
+$Script:EventLogSource = 'MSEndpointMgrBIOSMgmt'
+New-EventLog -LogName $EventLogName -Source $EventLogSource -ErrorAction SilentlyContinue
+# Set Toast Notification App Parameters - do not edit 
+$Script:AppID = "MSEndpointMgr.SystemToast.UpdateNotification"
+$Script:AppDisplayName = "MSEndpointMgr"
+$Script:IconUri = "%SystemRoot%\system32\@WindowsUpdateToastIcon.png"
+$Script:ToastMediafolder = "$env:programdata\MSEndpointMgr\ToastNotification"
+
+#Set Toast Settings - Adjust to your own requirements - modification required
+$Script:ToastSettings = @{
+    LogoImageUri = "<TO BE SET>"
+    HeroImageUri = "<TO BE SET>"
+    LogoImage = "$ToastMediafolder\ToastLogoImage.png"
+    HeroImage = "$ToastMediafolder\ToastHeroImage.png"
+    AttributionText = "Bios Update Notification"
+    HeaderText = "It is time to update your BIOS!"
+    TitleText = "Firmware update needed!"
+    BodyText1 = "For security reasons it is important that the firmware on your machine is up to date. This update requires a reboot of your device"
+    BodyText2 = "Please save your work and restart your device today. Thank you in advance."
+    ActionButtonContent = "Restart Now"
+}
+$Script:Scenario = 'reminder' # <!-- Possible values are: reminder | short | long | alarm
+# Define BIOS Password
+$Script:BIOSPswd = $null
+# Define path to DAT provisioned XML - must be set
+$Script:DATUri = "<TO BE SET>"
+# Get manufacturer 
+$Script:Manufacturer = (Get-WmiObject -Class "Win32_ComputerSystem" | Select-Object -ExpandProperty Manufacturer).Trim()
+# Registry path for status messages - do not edit
+$Script:RegPath = 'HKLM:\SOFTWARE\MSEndpointMgr\BIOSUpdateManagemement'
+
+#EndRegion Declarations 
+
+#Region Functions
+
+function Add-NotificationApp {
+    <#
+    .SYNOPSIS
+    Function to verify and register toast notification app in registry as system
+
+    .DESCRIPTION
+    This function must be run as system and registers the toast notification app with your own name and icon. 
+
+    .PARAMETER AppID
+    The AppID (Name) to be used to the toast notification. Example: MSEndpointMgr.SystemToast.UpdateNotification
+
+    .PARAMETER AppDisplayName
+    The Display Name for your  toast notification app. Example: MSEndpointMgr
+
+    .PARAMETER IconUri
+    The path to the icon shown in the Toast Notification. Expample: %SystemRoot%\system32\@WindowsUpdateToastIcon.png
+
+    .PARAMETER ShowInSettings
+    Default Value 0 is recommended. Not required. But can be change to 1. Not recommended for this solution
+    #>    
+    [CmdletBinding()]
+    Param(
+        [Parameter(Mandatory=$true)]$AppID,
+        [Parameter(Mandatory=$true)]$AppDisplayName,
+        [Parameter(Mandatory=$true)]$IconUri,
+        [Parameter(Mandatory=$false)][int]$ShowInSettings = 0
+    )
+    # Verify if PSDrive Exists
+    $HKCR = Get-PSDrive -Name HKCR -ErrorAction SilentlyContinue
+    If (!($HKCR))
+    {
+        New-PSDrive -Name HKCR -PSProvider Registry -Root HKEY_CLASSES_ROOT -Scope Script
+    }
+    $AppRegPath = "HKCR:\AppUserModelId"
+    $RegPath = "$AppRegPath\$AppID"
+    # Verify if App exists in registry
+    If (!(Test-Path $RegPath))
+    {
+        Write-EventLog -LogName $EventLogName -EntryType Information -EventId 8001 -Source $EventLogSource -Message "Toast Notification App does not exists - creating"
+        $null = New-Item -Path $AppRegPath -Name $AppID -Force
+    }
+    # Verify Toast App Displayname
+    $DisplayName = Get-ItemProperty -Path $RegPath -Name DisplayName -ErrorAction SilentlyContinue | Select-Object -ExpandProperty DisplayName -ErrorAction SilentlyContinue
+    If ($DisplayName -ne $AppDisplayName)
+    {
+        $null = New-ItemProperty -Path $RegPath -Name DisplayName -Value $AppDisplayName -PropertyType String -Force
+        Write-EventLog -LogName $EventLogName -EntryType Information -EventId 8001 -Source $EventLogSource -Message "Toast notification app $($DisplayName) created"
+    }
+    # Verify Show in settings value
+    $ShowInSettingsValue = Get-ItemProperty -Path $RegPath -Name ShowInSettings -ErrorAction SilentlyContinue | Select-Object -ExpandProperty ShowInSettings -ErrorAction SilentlyContinue
+    If ($ShowInSettingsValue -ne $ShowInSettings)
+    {
+        $null = New-ItemProperty -Path $RegPath -Name ShowInSettings -Value $ShowInSettings -PropertyType DWORD -Force
+        Write-EventLog -LogName $EventLogName -EntryType Information -EventId 8001 -Source $EventLogSource -Message "Toast notification app settings applied"
+    }
+    # Verify toast icon value
+    $IconSettingsValue = Get-ItemProperty -Path $RegPath -Name IconUri -ErrorAction SilentlyContinue | Select-Object -ExpandProperty IconUri -ErrorAction SilentlyContinue
+    If ($IconSettingsValue -ne $IconUri)
+    {
+        $null = New-ItemProperty -Path $RegPath -Name IconUri -Value $IconUri -PropertyType ExpandString -Force
+        Write-EventLog -LogName $EventLogName -EntryType Information -EventId 8001 -Source $EventLogSource -Message "Toast notification app icon set"
+    }
+    # Clean up
+    Remove-PSDrive -Name HKCR -Force
+}#endfunction
+function Add-ToastRebootProtocolHandler{
+    <#
+    .SYNOPSIS
+    Function to add the reboot protocol handler for your toast notifications
+
+    .DESCRIPTION
+    This function must be run as system and registers the protocal handler for toast reboot. 
+    #>    
+    New-PSDrive -Name HKCR -PSProvider Registry -Root HKEY_CLASSES_ROOT -ErrorAction SilentlyContinue | out-null
+    $ProtocolHandler = Get-Item 'HKCR:\MSEndpointMgrToastReboot' -ErrorAction SilentlyContinue
+    if (!$ProtocolHandler) {
+        #create handler for reboot
+        New-Item 'HKCR:\MSEndpointMgrToastReboot' -Force
+        Set-Itemproperty 'HKCR:\MSEndpointMgrToastReboot' -Name '(DEFAULT)' -Value 'url:MSEndpointMgrToastReboot' -Force
+        Set-Itemproperty 'HKCR:\MSEndpointMgrToastReboot' -Name 'URL Protocol' -Value '' -Force
+        New-Itemproperty -path 'HKCR:\MSEndpointMgrToastReboot' -PropertyType DWORD -Name 'EditFlags' -Value 2162688
+        New-Item 'HKCR:\MSEndpointMgrToastReboot\Shell\Open\command' -Force
+        Set-Itemproperty 'HKCR:\MSEndpointMgrToastReboot\Shell\Open\command' -Name '(DEFAULT)' -Value 'C:\Windows\System32\shutdown.exe -r -t 60 -c "Your computer will be restarted in 1 minute to complete the BIOS Update process." ' -Force
+    }
+    Remove-PSDrive -Name HKCR -Force -ErrorAction SilentlyContinue
+}#endfunction
+function Test-UserSession {
+    #Check if a user is currently logged on before doing user action
+    [String]$CurrentlyLoggedOnUser = (Get-WmiObject -Class Win32_ComputerSystem |  Where-Object {$_.Username} | Select-Object UserName).UserName
+    if ($CurrentlyLoggedOnUser){
+        $SAMName = [String]$CurrentlyLoggedOnUser.Split("\")[1]
+        #$UserPath = (Get-ChildItem  -Path HKLM:\SOFTWARE\Microsoft\IdentityStore\LogonCache\ -Recurse -ErrorAction SilentlyContinue | ForEach-Object { if((Get-ItemProperty -Path $_.PsPath) -match $SAMName) {$_.PsPath} } ) | Where-Object {$PSItem -Match 'S-\d-\d{2}-\d-\d{10}-\d{10}-\d{10}-\d{10}'}
+        #$FullName = (Get-ItemProperty -Path $UserPath | Select-Object DisplayName).DisplayName
+        $ReturnObject = $SAMName 
+    }else {
+        $ReturnObject = $false
+    }
+    Return $ReturnObject
+}#endfunction
+function Invoke-ToastNotification {
+    Param(
+        [Parameter(Mandatory=$false)]$FullName,
+        [parameter(Mandatory = $true)]
+		[ValidateNotNullOrEmpty()]
+		[array]$ToastSettings,
+        [Parameter(Mandatory=$true)]$AppID,
+        [Parameter(Mandatory=$true)]$Scenario
+    )
+
+$MyScriptBlockString = "
+function Start-ToastNotification {
+    `$Load = [Windows.UI.Notifications.ToastNotificationManager, Windows.UI.Notifications, ContentType = WindowsRuntime]
+    `$Load = [Windows.Data.Xml.Dom.XmlDocument, Windows.Data.Xml.Dom.XmlDocument, ContentType = WindowsRuntime]
+    # Load the notification into the required format
+    `$ToastXML = New-Object -TypeName Windows.Data.Xml.Dom.XmlDocument
+    `$ToastXML.LoadXml(`$Toast.OuterXml)
+    # Display the toast notification
+    try {
+        [Windows.UI.Notifications.ToastNotificationManager]::CreateToastNotifier(`"$AppID`").Show(`$ToastXml)
+    }
+    catch { 
+        Write-Output -Message 'Something went wrong when displaying the toast notification' -Level Warn     
+        Write-EventLog -LogName $EventLogName -EntryType Warning -EventId 8002 -Source $EventLogSource -Message `"Something went wrong when displaying the toast notification`"
+    }
+    Write-EventLog -LogName $EventLogName -EntryType Information -EventId 8001 -Source $EventLogSource -Message `"Toast Notification successfully delivered to logged on user`"
+}
+#Fetching images from uri
+Invoke-WebRequest -Uri $($ToastSettings.LogoImageUri) -OutFile $($ToastSettings.LogoImage)
+Invoke-WebRequest -Uri $($ToastSettings.HeroImageUri) -OutFile $($ToastSettings.HeroImage)
+
+[xml]`$Toast = @`"
+<toast scenario=`"$Scenario`">
+    <visual>
+    <binding template=`"ToastGeneric`">
+        <image placement=`"hero`" src=`"$($ToastSettings.HeroImage)`"/>
+        <image id=`"1`" placement=`"appLogoOverride`" hint-crop=`"circle`" src=`"$($ToastSettings.LogoImage)`"/>
+        <text placement=`"attribution`">$($ToastSettings.AttributionText)</text>
+        <text>$($ToastSettings.HeaderText)</text>
+        <group>
+            <subgroup>
+                <text hint-style=`"title`" hint-wrap=`"true`" >$($ToastSettings.TitleText)</text>
+            </subgroup>
+        </group>
+        <group>
+            <subgroup>     
+                <text hint-style=`"body`" hint-wrap=`"true`" >$($ToastSettings.BodyText1)</text>
+            </subgroup>
+        </group>
+        <group>
+            <subgroup>     
+                <text hint-style=`"body`" hint-wrap=`"true`" >$($ToastSettings.BodyText2)</text>
+            </subgroup>
+        </group>
+    </binding>
+    </visual>
+    <actions>
+        <input id=`"snoozeTime`" type=`"selection`" defaultInput=`"60`">
+        <selection id=`"1`" content=`"1 minute`"/>
+        <selection id=`"15`" content=`"15 minutes`"/>
+        <selection id=`"60`" content=`"1 hour`"/>
+        <selection id=`"240`" content=`"4 hours`"/>
+        <selection id=`"1440`" content=`"1 day`"/>
+        </input>
+        <action activationType=`"protocol`" arguments=`"MSEndpointMgrToastReboot:`" content=`"$($ToastSettings.ActionButtonContent)`"/>
+        <action activationType=`"system`" arguments=`"snooze`" hint-inputId=`"snoozeTime`" content=`"Snooze`" />
+    </actions>
+    <audio src=`"ms-winsoundevent:Notification.Default`"/>
+</toast>
+`"@
+
+Start-ToastNotification
+"
+
+$MyScriptBlock = [ScriptBlock]::create($MyScriptBlockString) 
+$EncodedScript = [System.Convert]::ToBase64String([System.Text.Encoding]::UNICODE.GetBytes($MyScriptBlock))
+
+#Set Unique GUID for the Toast
+If (!($ToastGUID)) {
+    $ToastGUID = ([guid]::NewGuid()).ToString().ToUpper()
+}
+$Task_TimeToRun = (Get-Date).AddSeconds(10).ToString('s')
+$Task_Expiry = (Get-Date).AddSeconds(120).ToString('s')
+$Task_Trigger = New-ScheduledTaskTrigger -Once -At $Task_TimeToRun
+$Task_Trigger.EndBoundary = $Task_Expiry
+$Task_Principal = New-ScheduledTaskPrincipal -GroupId "S-1-5-32-545" -RunLevel Limited
+$Task_Settings = New-ScheduledTaskSettingsSet -Compatibility V1 -DeleteExpiredTaskAfter (New-TimeSpan -Seconds 600) -AllowStartIfOnBatteries
+$Task_Action = New-ScheduledTaskAction -Execute "C:\WINDOWS\system32\WindowsPowerShell\v1.0\PowerShell.exe" -Argument "-NoProfile -WindowStyle Hidden -EncodedCommand $EncodedScript"
+
+$New_Task = New-ScheduledTask -Description "Toast_Notification_$($ToastGuid) Task for user notification" -Action $Task_Action -Principal $Task_Principal -Trigger $Task_Trigger -Settings $Task_Settings
+Register-ScheduledTask -TaskName "Toast_Notification_$($ToastGuid)" -InputObject $New_Task | Out-Null
+Write-EventLog -LogName $EventLogName -EntryType Information -EventId 8001 -Source $EventLogSource -Message "Toast Notification Task created for logged on user: Toast_Notification_$($ToastGuid)"
+}#endfunction
+function Invoke-BIOSUpdateHP{
+    param (
+            [parameter(Mandatory = $true)]
+            [ValidateNotNullOrEmpty()]
+            [version]$BIOSApprovedVersion,
+            [parameter(Mandatory = $true)]
+            [ValidateNotNullOrEmpty()]
+            [string]$SystemID
+        )  
+    $Output = @{}
+    # Import HP Module 
+    Import-Module HP.ClientManagement
+    # Get Date
+    $Date = Get-Date
+    # Obtain current BIOS verison
+    [version]$CurrentBIOSVersion = Get-HPBIOSVersion
+
+    # Inform current BIOS deployment state
+    if ($BIOSApprovedVersion -gt $CurrentBIOSVersion){
+        $HPBIOSVersions = Get-HPBIOSUpdates
+        foreach ($HPBIOSVersion in $HPBIOSVersions.Ver){
+            if ([version]$HPBIOSVersion -eq $BIOSApprovedVersion) {
+                $HPVersion = $HPBIOSVersion
+            }
+        }
+        if ([version]$HPVersion -contains $BIOSApprovedVersion) {
+            # Process BIOS update
+            Write-EventLog -LogName $EventLogName -EntryType Information -EventId 8001 -Source $EventLogSource -Message "Processing BIOS flash update process"
+            # Check for BIOS password and update flash cmdline
+            Write-EventLog -LogName $EventLogName -EntryType Information -EventId 8001 -Source $EventLogSource -Message "Checking if BIOS password is set"
+            $BIOSPasswordSet = Get-HPBIOSSetupPasswordIsSet
+            switch ($BIOSPasswordSet) {
+                $true {
+                    # Verify that an password has been provided
+                    Write-EventLog -LogName $EventLogName -EntryType Information -EventId 8001 -Source $EventLogSource -Message "BIOS password is password protected"
+                    if (-not ([string]::IsNullOrEmpty($BIOSPswd))){ 
+                        # Perform BIOS flash update using provided password
+                        Write-EventLog -LogName $EventLogName -EntryType Information -EventId 8001 -Source $EventLogSource -Message "Updating HP BIOS to version $HPVersion using supplied password"
+                        $HPBIOSUpdateProcess = Get-HPBIOSUpdates -Version $HPVersion -Password $BIOSPswd -Flash -Bitlocker suspend -Yes -Quiet -ErrorAction SilentlyContinue
+                        # Writing status to registry for detection
+                        [int]$Attempts = Get-ItemPropertyValue -Path $RegPath -Name 'BIOSUpdateAttempts'
+                        $Attempts++ 
+                        Set-ItemProperty -Path $RegPath -Name 'BIOSUpdateAttempts' -Value $Attempts
+                        Set-ItemProperty -Path "$RegPath" -Name 'BIOSUpdateInprogress' -Value 1
+                        Set-ItemProperty -Path "$RegPath" -Name 'BIOSUpdateTime' -Value $Date 
+                        Set-ItemProperty -Path "$RegPath" -Name 'BIOSDeployedVersion' -Value $HPVersion
+                        $OutputMessage = "Updating HP BIOS to version $HPVersion using supplied password"
+                        $ExitCode = 0
+                        #Invoke Toast 
+                        if (Test-UserSession){
+                            #User is logged on - send toast to user to perform the reboot
+                            Write-EventLog -LogName $EventLogName -EntryType Information -EventId 8001 -Source $EventLogSource -Message "User session found - notify user to reboot with toast"
+                            Invoke-ToastNotification -ToastSettings $ToastSettings -AppID $AppID -Scenario $Scenario
+                        } else {
+                            #No user logged on - enforcing a reboot to finalize BIOS flashing                
+                            Write-EventLog -LogName $EventLogName -EntryType Information -EventId 8001 -Source $EventLogSource -Message "No user currenty logged on - restarting computer to finalize BIOS flashing"
+                            $RestartCommand = 'C:\Windows\System32\shutdown.exe'
+                            $RestartArguments = '-r -t 60 -c "Your computer will be restarted in 1 minute to complete the BIOS Update process."'
+                            Start-Process $RestartCommand -ArgumentList $RestartArguments -NoNewWindow
+                        }
+                    } else {
+                        Write-EventLog -LogName $EventLogName -EntryType Warning -EventId 8002 -Source $EventLogSource -Message "Password is set, but not password is provided. BIOS Update is halted"
+                        $OutputMessage = "Password is set, but not password is provided. BIOS Update is halted"
+                        $ExitCode = 1
+                    }
+                }
+                $false {
+                    # Perform BIOS flash update
+                    Write-EventLog -LogName $EventLogName -EntryType Information -EventId 8001 -Source $EventLogSource -Message "Updating HP BIOS to version $HPVersion"
+                    $HPBIOSUpdateProcess = Get-HPBIOSUpdates -Version $HPVersion -Flash -Bitlocker suspend -Yes -Quiet -ErrorAction SilentlyContinue
+                    # Writing status to registry for detection
+                    [int]$Attempts = Get-ItemPropertyValue -Path $RegPath -Name 'BIOSUpdateAttempts'
+                    $Attempts++ 
+                    Set-ItemProperty -Path $RegPath -Name 'BIOSUpdateAttempts' -Value $Attempts
+                    Set-ItemProperty -Path "$RegPath" -Name 'BIOSUpdateInprogress' -Value 1
+                    Set-ItemProperty -Path "$RegPath" -Name 'BIOSUpdateTime' -Value $Date 
+                    Set-ItemProperty -Path "$RegPath" -Name 'BIOSDeployedVersion' -Value $HPVersion
+                    #Invoke Toast 
+                    if (Test-UserSession){
+                        #User is logged on - send toast to user to perform the reboot
+                        Write-EventLog -LogName $EventLogName -EntryType Information -EventId 8001 -Source $EventLogSource -Message "User session found - notify user to reboot with toast"
+                        Invoke-ToastNotification -ToastSettings $ToastSettings -AppID $AppID -Scenario $Scenario
+                    } else {
+                        #No user logged on - enforcing a reboot to finalize BIOS flashing                
+                        Write-EventLog -LogName $EventLogName -EntryType Information -EventId 8001 -Source $EventLogSource -Message "No user currenty logged on - restarting computer to finalize BIOS flashing"
+                        $RestartCommand = 'C:\Windows\System32\shutdown.exe'
+                        $RestartArguments = '-r -t 60 -c "Your computer will be restarted in 1 minute to complete the BIOS Update process."'
+                        Start-Process $RestartCommand -ArgumentList $RestartArguments -NoNewWindow
+                    }
+                    $OutputMessage = "Updated HP BIOS to version $HPVersion"
+                    $ExitCode = 0
+                }                
+            }
+        } 
+        else {
+            $OutputMessage = "BIOS update not found. $BIOSApprovedVersion not found in HP returned values from HP"
+            $ExitCode = 1
+        }
+    } 
+    elseif ($BIOSApprovedVersion -eq $CurrentBIOSVersion) {
+        $OutputMessage = "BIOS is current on version $CurrentBIOSVersion"
+        $ExitCode = 0
+    } 
+    elseif ($BIOSApprovedVersion -lt $CurrentBIOSVersion) {
+        $OutputMessage = "BIOS is on a higher version than approved $CurrentBIOSVersion. Approved version $BIOSApprovedVersion"
+        $ExitCode = 0
+    } 
+    
+    $Output = @{
+            "Message" = $OutputMessage
+            "ExitCode" = $ExitCode
+    }
+
+    Return $Output
+}#endfunction
+function Invoke-BIOSUpdateDell{
+    param (
+            [parameter(Mandatory = $true)]
+            [ValidateNotNullOrEmpty()]
+            [array]$BIOSPackageDetails 
+        )  
+$OutputMessage = "Dell not Implemented yet"
+$ExitCode = 0
+$Output = @{
+    "Message" = $OutputMessage
+    "ExitCode" = $ExitCode
+}
+Return $Output
+}#endfunction
+function Invoke-BIOSUpdateLenovo{
+    param (
+            [parameter(Mandatory = $true)]
+            [ValidateNotNullOrEmpty()]
+            [array]$BIOSPackageDetails 
+        )  
+$OutputMessage = "Dell not Implemented yet"
+$ExitCode = 0
+$Output = @{
+    "Message" = $OutputMessage
+    "ExitCode" = $ExitCode
+}
+return $Output
+}#endfunction
+function Test-BIOSVersionHP{
+param (
+        [parameter(Mandatory = $true)]
+        [ValidateNotNullOrEmpty()]
+        [version]$BIOSApprovedVersion,
+        [parameter(Mandatory = $true)]
+        [ValidateNotNullOrEmpty()]
+        [string]$SystemID
+    )  
+    $Output = @{}
+    # Import HP Module 
+    Import-Module HP.ClientManagement
+
+    # Obtain current BIOS verison
+    [version]$CurrentBIOSVersion = Get-HPBIOSVersion
+
+    # Inform current BIOS deployment state
+    if ($BIOSApprovedVersion -gt $CurrentBIOSVersion){
+        $OutputMessage = "BIOS needs an update. Current version is $CurrentBIOSVersion, available version is $BIOSApprovedVersion"
+        $ExitCode = 1
+    } 
+    elseif ($BIOSApprovedVersion -eq $CurrentBIOSVersion) {
+        $OutputMessage = "BIOS is current on version $CurrentBIOSVersion"
+        $ExitCode = 0
+    } 
+    elseif ($BIOSApprovedVersion -lt $CurrentBIOSVersion) {
+        $OutputMessage = "BIOS is on a higher version than approved $CurrentBIOSVersion. Approved version $BIOSApprovedVersion"
+        $ExitCode = 0
+    } 
+    
+    $Output = @{
+            "Message" = $OutputMessage
+            "ExitCode" = $ExitCode
+    }
+
+    Return $Output
+}#endfunction
+function Test-BiosVersionDell{
+    param (
+            [parameter(Mandatory = $true)]
+            [ValidateNotNullOrEmpty()]
+            [array]$BIOSPackageDetails 
+        )
+    $OutputMessage = "Dell Not implemented"
+    $ExitCode = 0
+    $Output = @{
+        "Message" = $OutputMessage
+        "ExitCode" = $ExitCode
+    }
+    Return $Output
+}#endfunction
+function Test-BiosVersionLenovo{
+    param (
+            [parameter(Mandatory = $true)]
+            [ValidateNotNullOrEmpty()]
+            [array]$BIOSPackageDetails 
+        )  
+    $OutputMessage = "Dell Not implemented"
+    $ExitCode = 0
+    $Output = @{
+        "Message" = $OutputMessage
+        "ExitCode" = $ExitCode
+    }
+    Return $Output
+}#endfunction
+#Endregion Functions
+
+#Region Script
+
+# Read in DAT XML
+[xml]$BIOSPackages = Invoke-WebRequest -Uri $DATUri -UseBasicParsing
+
+# Sort BIOS Packages into variable
+$BIOSPackageDetails = $BIOSPackages.ArrayOfCMPackage.CMPackage
+
+# Adding and verifying Toast Application and Protocol Handler
+Add-NotificationApp -AppID $AppID -AppDisplayName $AppDisplayName -IconUri $IconUri | Out-Null
+Add-ToastRebootProtocolHandler | Out-Null
+
+#Verify Toast Media folder exists
+if (-not (Test-Path $ToastMediafolder)){
+    New-Item -Path $ToastMediafolder -ItemType Directory | Out-Null
+}
+
+# Validate applicability
+switch -Wildcard ($Manufacturer) { 
+    {($PSItem -match "HP") -or ($PSItem -match "Hewlett-Packard")}{
+        Write-EventLog -LogName $EventLogName -EntryType Information -EventId 8001 -Source $EventLogSource -Message "Validated HP hardware check"
+        $HPPreReq = [boolean](Get-InstalledModule | Where-Object {$_.Name -match "HPCMSL"} -ErrorAction SilentlyContinue -Verbose:$false)
+        if ($HPPreReq){
+            # Import module
+            Import-Module HP.ClientManagement
+            # Get matching identifier from baseboard
+            $SystemID = Get-HPDeviceProductID
+            $SupportedModel = $BIOSPackageDetails | Where-Object {$_.Description -match $SystemID}
+            if (-not ([string]::IsNullOrEmpty($SupportedModel))) {
+                [version]$BIOSApprovedVersion = ($BIOSPackageDetails | Where-Object {$_.Description -match $SystemID} | Sort-Object Version -Descending  | Select-Object -First 1 -Unique -ExpandProperty Version).Split(" ")[0] 
+                $OEM = "HP"
+                Write-EventLog -LogName $EventLogName -EntryType Information -EventId 8001 -Source $EventLogSource -Message "$($SupportedModel.Description) succesfully matched on SKU $($SystemID)"
+            } 
+            else {
+                Write-EventLog -LogName $EventLogName -EntryType Warning -EventId 8002 -Source $EventLogSource -Message "Model with SKU value $($SystemID) not found in XML source. Exiting script"
+                Write-Output "Model with SKU value $($SystemID) not found in XML source. Exiting script"
+                Exit 0
+            }       
+        } else { 
+            # HP Prereq is missing. Exit script
+            Write-EventLog -LogName $EventLogName -EntryType Warning -EventId 8002 -Source $EventLogSource -Message "HP CMSL Powershell Module is missing. Remediation not possible."
+            Write-Output "HP Prereq missing. HPCMSL Powershell Module is missing. Remediation not possible."
+            Exit 0
+        }
+    }
+    {($PSItem -match "Lenovo")}{
+        Write-EventLog -LogName $EventLogName -EntryType Information -EventId 8001 -Source $EventLogSource -Message  "Validated Lenovo hardware check"
+        $LenovoPreReq = $true
+        if ($LenovoPreReq){
+            # Get matching identifier from baseboard
+            $SystemID = "Something"
+            $SupportedModel = $BIOSPackageDetails | Where-Object {$_.Description -match $SystemID}
+            if (-not ([string]::IsNullOrEmpty($SupportedModel))) {
+                [version]$BIOSApprovedVersion = ($BIOSPackageDetails | Where-Object {$_.Description -match $SystemID} | Sort-Object Version -Descending  | Select-Object -First 1 -Unique -ExpandProperty Version).Split(" ")[0] 
+                $OEM = "Lenovo"
+            } 
+            else {
+                Write-EventLog -LogName $EventLogName -EntryType Warning -EventId 8001 -Source $EventLogSource -Message "Model $ComputerModel with SKU value $SystemSKU not found in XML source"
+            }
+        }
+    }
+    {($PSItem -match "Dell")}{
+        Write-EventLog -LogName $EventLogName -EntryType Information -EventId 8001 -Source $EventLogSource -Message  "Validated Dell hardware check"
+        if ($DellPreReq){
+            # Get matching identifier from baseboard
+            $SystemID = "Something"
+            $SupportedModel = $BIOSPackageDetails | Where-Object {$_.Description -match $SystemID}
+            if (-not ([string]::IsNullOrEmpty($SupportedModel))) {
+                [version]$BIOSApprovedVersion = ($BIOSPackageDetails | Where-Object {$_.Description -match $SystemID} | Sort-Object Version -Descending  | Select-Object -First 1 -Unique -ExpandProperty Version).Split(" ")[0] 
+                $OEM = "DELL"
+            } 
+            else {
+                Write-EventLog -LogName $EventLogName -EntryType Information -EventId 8001 -Source $EventLogSource -Message  "Model $ComputerModel with SKU value $SystemSKU not found in XML source"
+            }       
+        }
+    }
+    default {
+        Write-EventLog -LogName $EventLogName -EntryType Information -EventId 8001 -Source $EventLogSource -Message  "Incompatible Hardware. $($Manufacturer) not supported"
+        Write-Output "Incompatible Hardware. $($Manufacturer) not supported"
+        Exit 0
+    }
+}
+
+# Checking if registry entries for BIOS Update management exits and set to 0 if they don't exists
+if (-NOT(Test-Path -Path "$RegPath\")) {
+    New-Item -Path "$RegPath" -Force
+    New-ItemProperty -Path "$RegPath" -Name 'BIOSUpdateInprogress' -Value 0 -PropertyType 'DWORD'
+    New-ItemProperty -Path "$RegPath" -Name 'BIOSUpdateAttempts' -Value 0 -PropertyType 'DWORD'
+    New-ItemProperty -Path "$RegPath" -Name 'BIOSUpdateTime' -Value "" -PropertyType 'String'
+    New-ItemProperty -Path "$RegPath" -Name 'BIOSDeployedVersion' -Value "" -PropertyType 'String'
+}
+
+# Check if BIOS Update is in Progress
+$BiosUpdateinProgress = Get-ItemPropertyValue -Path $RegPath -Name "BIOSUpdateInprogress"
+if ($BiosUpdateinProgress -ne 0){
+    Write-EventLog -LogName $EventLogName -EntryType Information -EventId 8001 -Source $EventLogSource -Message "BIOS Update already in Progress"
+    # Check if computer has restarted since last try 
+    [DateTime]$BIOSUpdateTime = Get-ItemPropertyValue -Path "$RegPath" -Name 'BIOSUpdateTime'
+    $LastBootime = Get-Date (Get-CimInstance -ClassName Win32_OperatingSystem | Select-Object -ExpandProperty LastBootUpTime)
+    if ($BIOSUpdateTime -gt $LastBootime){
+        Write-EventLog -LogName $EventLogName -EntryType Information -EventId 8001 -Source $EventLogSource -Message "Computer pending reboot after BIOS staging. Checking for user session"
+        # Computer not restarted - Invoke remediation to notify user to reboot
+        if (Test-UserSession){
+            #User is logged on - send toast to user to perform the reboot
+            Write-EventLog -LogName $EventLogName -EntryType Information -EventId 8001 -Source $EventLogSource -Message "User session found - notify user to reboot with toast"
+            Invoke-ToastNotification -ToastSettings $ToastSettings -AppID $AppID -Scenario $Scenario
+            Write-Output  "Computer pending reboot after BIOS staging. User toast invoked"
+        } else {
+            #No user logged on - enforcing a reboot to finalize BIOS flashing                
+            Write-EventLog -LogName $EventLogName -EntryType Information -EventId 8001 -Source $EventLogSource -Message "No user currenty logged on - restarting computer to finalize BIOS flashing"
+            Write-Output  "Computer pending reboot after BIOS staging. No users session found - restarting"
+            $RestartCommand = 'C:\Windows\System32\shutdown.exe'
+            $RestartArguments = '-r -t 60 -c "Your computer will be restarted in 1 minute to complete the BIOS Update process."'
+            Start-Process $RestartCommand -ArgumentList $RestartArguments -NoNewWindow
+        }
+        Exit 0
+    }
+    else {
+        # Step 4 Computer restarted - Check BIOS Version
+        Write-EventLog -LogName $EventLogName -EntryType Information -EventId 8001 -Source $EventLogSource -Message "Computer has restarted after flashing - validating bios version"
+        #Check BIOS Version - if not updated - Check counter - if not met threshold exit 1 - if treshold exit 0 
+        $TestBiosCommand = "Test-BIOSVersion$($OEM) -BIOSApprovedVersion $($BIOSApprovedVersion) -SystemID $($SystemID)"
+        $BIOSCheck = Invoke-Expression $TestBiosCommand
+        
+        #If updated OK - Cleanup
+        if ($BIOSCheck.ExitCode -eq 0){
+            Write-EventLog -LogName $EventLogName -EntryType Information -EventId 8001 -Source $EventLogSource -Message "Update Completed"
+            Set-ItemProperty -Path "$RegPath" -Name 'BIOSUpdateInprogress' -Value 0
+            Set-ItemProperty -Path "$RegPath" -Name 'BIOSUpdateAttempts' -Value 0 
+            Set-ItemProperty -Path "$RegPath" -Name 'BIOSUpdateTime' -Value "" 
+            Set-ItemProperty -Path "$RegPath" -Name 'BIOSDeployedVersion' -Value "" 
+            Write-Output "$($BIOSCheck.Message)"
+            Write-EventLog -LogName $EventLogName -EntryType Information -EventId 8001 -Source $EventLogSource -Message "$($BIOSCheck.Message)"
+            Exit 0
+        }
+        else {
+            #Step 5 Computer restarted - BIOS not updated - Check counter
+            [int]$Attempts = Get-ItemPropertyValue -Path $RegPath -Name 'BIOSUpdateAttempts'
+            Write-EventLog -LogName $EventLogName -EntryType Information -EventId 8001 -Source $EventLogSource -Message "Attempt $($Attempts): BIOS not current after flashing and reboot"
+            if ($Attempts -gt 3){
+                # Give up after 3 attempts
+                Write-EventLog -LogName $EventLogName -EntryType Warning -EventId 8002 -Source $EventLogSource -Message "Update not completed after reboot - giving up after $($Attempts) attempts"
+                Write-Output "Update not completed after reboot - giving up after $($Attempts) attempts"
+                Exit 0     
+            } 
+            else {
+                Write-EventLog -LogName $EventLogName -EntryType Warning -EventId 8002 -Source $EventLogSource -Message "Checking for active users sessions"
+                # Checking for user session                
+                if (Test-UserSession){
+                    #User is logged on - send toast to user to perform the reboot
+                    Write-EventLog -LogName $EventLogName -EntryType Information -EventId 8001 -Source $EventLogSource -Message "User session found - notify user to reboot with toast"
+                    Invoke-ToastNotification -ToastSettings $ToastSettings -AppID $AppID -Scenario $Scenario
+                    Write-Output  "Computer pending reboot after BIOS staging. User toast invoked"
+                } else {
+                    #No user logged on - enforcing a reboot to finalize BIOS flashing                
+                    Write-EventLog -LogName $EventLogName -EntryType Information -EventId 8001 -Source $EventLogSource -Message "No user currenty logged on - restarting computer to finalize BIOS flashing"
+                    Write-Output  "Computer pending reboot after BIOS staging. No users session found - restarting"
+                    $RestartCommand = 'C:\Windows\System32\shutdown.exe'
+                    $RestartArguments = '-r -t 60 -c "Your computer will be restarted in 1 minute to complete the BIOS Update process."'
+                    Start-Process $RestartCommand -ArgumentList $RestartArguments -NoNewWindow
+                }
+                Exit 0
+            }         
+        }
+    }
+}
+else {
+    # Step 6 BIOS Update not in progress - Check BIOS Version
+    Write-Output "Validate bios version"
+    $UpdateBIOSCommand = "Invoke-BIOSUpdate$($OEM) -BIOSApprovedVersion $($BIOSApprovedVersion) -SystemID $($SystemID)"
+    $BIOSUpdate = Invoke-Expression $UpdateBIOSCommand
+
+    if ($BIOSUpdate.ExitCode -eq 1){
+        Write-EventLog -LogName $EventLogName -EntryType Information -EventId 8001 -Source $EventLogSource -Message "$($BIOSCheck.Message)"
+        Write-Output "$($BIOSUpdate.Message)"
+        Exit 1
+    }
+    else {
+        Write-EventLog -LogName $EventLogName -EntryType Information -EventId 8001 -Source $EventLogSource -Message "$($BIOSCheck.Message)"
+        Write-Output "$($BIOSUpdate.Message)"
+        Exit 0
+    } 
+}
+#EndRegion Script
+
diff --git a/Firmware/Intune BIOS Update Control/CustomInventory_PR/Invoke-CustomInventoryV2.ps1 b/Firmware/Intune BIOS Update Control/CustomInventory_PR/Invoke-CustomInventoryV2.ps1
new file mode 100644
index 0000000..e5519f5
--- /dev/null
+++ b/Firmware/Intune BIOS Update Control/CustomInventory_PR/Invoke-CustomInventoryV2.ps1	
@@ -0,0 +1,431 @@
+<#
+.SYNOPSIS
+    Collect custom device inventory and upload to Log Analytics for further processing. 
+
+.DESCRIPTION
+    This script will collect device hardware and / or app inventory and upload this to a Log Analytics Workspace. This allows you to easily search in device hardware and installed apps inventory. 
+    The script is meant to be runned on a daily schedule either via Proactive Remediations (RECOMMENDED) in Intune or manually added as local schedule task on your Windows 10 Computer. 
+
+.EXAMPLE
+    Invoke-CustomInventory.ps1 (Required to run as System or Administrator)      
+
+.NOTES
+    FileName:    Invoke-CustomInventory.ps1
+    Author:      Jan Ketil Skanke
+    Contributor: Sandy Zeng/Maurice Daly
+    Contact:     @JankeSkanke
+    Created:     2021-01-02
+    Updated:     2021-04-05
+
+    Version history:
+    0.9.0 - (2021-01-02) Script created
+    1.0.0 - (2021-01-02) Script polished cleaned up. 
+    1.0.1 - (2021-04-05) Added NetworkAdapter array and fixed typo
+    1.1.0 - (2021-09-01) Removed all location information for privacy reasons 
+    2.0.0 - (2021-09-08) Added section to cater for BIOS release version information, for HP, Dell and Lenovo and general bugfixes
+    2.0.1 - (2021-21-10) Added MACAddress to the inventory for each NIC. 
+#>
+#region initialize
+# Enable TLS 1.2 support 
+[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
+# Replace with your Log Analytics Workspace ID
+$CustomerId = ""  
+
+# Replace with your Primary Key
+$SharedKey = ""
+
+#Control if you want to collect App or Device Inventory or both (True = Collect)
+$CollectAppInventory = $true
+$CollectDeviceInventory = $true
+
+# You can use an optional field to specify the timestamp from the data. If the time field is not specified, Azure Monitor assumes the time is the message ingestion time
+# DO NOT DELETE THIS VARIABLE. Recommened keep this blank. 
+$TimeStampField = ""
+
+#endregion initialize
+
+#region functions
+# Function to download files (speedtest)
+function Start-DownloadFile {
+    param(
+        [parameter(Mandatory=$true)]
+        [ValidateNotNullOrEmpty()]
+        [string]$URL,
+
+        [parameter(Mandatory=$true)]
+        [ValidateNotNullOrEmpty()]
+        [string]$Path,
+
+        [parameter(Mandatory=$true)]
+        [ValidateNotNullOrEmpty()]
+        [string]$Name
+    )
+    Begin {
+        # Construct WebClient object
+        $WebClient = New-Object -TypeName System.Net.WebClient
+    }
+    Process {
+        # Create path if it doesn't exist
+        if (-not(Test-Path -Path $Path)) {
+            New-Item -Path $Path -ItemType Directory -Force | Out-Null
+        }
+
+        # Start download of file
+        $WebClient.DownloadFile($URL, (Join-Path -Path $Path -ChildPath $Name))
+    }
+    End {
+        # Dispose of the WebClient object
+        $WebClient.Dispose()
+    }
+}#endfunction
+# Function to get all Installed Application
+function Get-InstalledApplications() {
+    param(
+        [string]$UserSid
+    )
+    
+    New-PSDrive -PSProvider Registry -Name "HKU" -Root HKEY_USERS | Out-Null
+    $regpath = @("HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall\*")
+    $regpath += "HKU:\$UserSid\Software\Microsoft\Windows\CurrentVersion\Uninstall\*"
+    if (-not ([IntPtr]::Size -eq 4)) {
+        $regpath += "HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*"
+        $regpath += "HKU:\$UserSid\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*"
+    }
+    $propertyNames = 'DisplayName', 'DisplayVersion', 'Publisher', 'UninstallString'
+    $Apps = Get-ItemProperty $regpath -Name $propertyNames -ErrorAction SilentlyContinue | . { process { if ($_.DisplayName) { $_ } } } | Select-Object DisplayName, DisplayVersion, Publisher, UninstallString, PSPath | Sort-Object DisplayName   
+    Remove-PSDrive -Name "HKU" | Out-Null
+    Return $Apps
+}
+
+# Function to create the authorization signature
+Function New-Signature ($customerId, $sharedKey, $date, $contentLength, $method, $contentType, $resource) {
+    $xHeaders = "x-ms-date:" + $date
+    $stringToHash = $method + "`n" + $contentLength + "`n" + $contentType + "`n" + $xHeaders + "`n" + $resource
+
+    $bytesToHash = [Text.Encoding]::UTF8.GetBytes($stringToHash)
+    $keyBytes = [Convert]::FromBase64String($sharedKey)
+
+    $sha256 = New-Object System.Security.Cryptography.HMACSHA256
+    $sha256.Key = $keyBytes
+    $calculatedHash = $sha256.ComputeHash($bytesToHash)
+    $encodedHash = [Convert]::ToBase64String($calculatedHash)
+    $authorization = 'SharedKey {0}:{1}' -f $customerId, $encodedHash
+    return $authorization
+}
+
+# Function to create and post the request
+Function Send-LogAnalyticsData($customerId, $sharedKey, $body, $logType) {
+    $method = "POST"
+    $contentType = "application/json"
+    $resource = "/api/logs"
+    $rfc1123date = [DateTime]::UtcNow.ToString("r")
+    $contentLength = $body.Length
+    $signature = New-Signature `
+        -customerId $customerId `
+        -sharedKey $sharedKey `
+        -date $rfc1123date `
+        -contentLength $contentLength `
+        -method $method `
+        -contentType $contentType `
+        -resource $resource
+    $uri = "https://" + $customerId + ".ods.opinsights.azure.com" + $resource + "?api-version=2016-04-01"
+    
+    #validate that payload data does not exceed limits
+    if ($body.Length -gt (31.9 *1024*1024))
+    {
+        throw("Upload payload is too big and exceed the 32Mb limit for a single upload. Please reduce the payload size. Current payload size is: " + ($body.Length/1024/1024).ToString("#.#") + "Mb")
+    }
+
+    $payloadsize = ("Upload payload size is " + ($body.Length/1024).ToString("#.#") + "Kb ")
+
+    $headers = @{
+        "Authorization"        = $signature;
+        "Log-Type"             = $logType;
+        "x-ms-date"            = $rfc1123date;
+        "time-generated-field" = $TimeStampField;
+    }
+
+    $response = Invoke-WebRequest -Uri $uri -Method $method -ContentType $contentType -Headers $headers -Body $body -UseBasicParsing
+    $statusmessage = "$($response.StatusCode) : $($payloadsize)"
+    return $statusmessage 
+}
+function Start-PowerShellSysNative {
+    param (
+        [parameter(Mandatory = $false, HelpMessage = "Specify arguments that will be passed to the sysnative PowerShell process.")]
+        [ValidateNotNull()]
+        [string]$Arguments
+    )
+
+    # Get the sysnative path for powershell.exe
+    $SysNativePowerShell = Join-Path -Path ($PSHOME.ToLower().Replace("syswow64", "sysnative")) -ChildPath "powershell.exe"
+
+    # Construct new ProcessStartInfo object to run scriptblock in fresh process
+    $ProcessStartInfo = New-Object -TypeName System.Diagnostics.ProcessStartInfo
+    $ProcessStartInfo.FileName = $SysNativePowerShell
+    $ProcessStartInfo.Arguments = $Arguments
+    $ProcessStartInfo.RedirectStandardOutput = $true
+    $ProcessStartInfo.RedirectStandardError = $true
+    $ProcessStartInfo.UseShellExecute = $false
+    $ProcessStartInfo.WindowStyle = "Hidden"
+    $ProcessStartInfo.CreateNoWindow = $true
+
+    # Instatiate the new 64-bit process
+    $Process = [System.Diagnostics.Process]::Start($ProcessStartInfo)
+
+    # Read standard error output to determine if the 64-bit script process somehow failed
+    $ErrorOutput = $Process.StandardError.ReadToEnd()
+    if ($ErrorOutput) {
+        Write-Error -Message $ErrorOutput
+    }
+}#endfunction
+#endregion functions
+
+#region script
+#Get Common data for App and Device Inventory: 
+#Get Intune DeviceID and ManagedDeviceName
+if (@(Get-ChildItem HKLM:SOFTWARE\Microsoft\Enrollments\ -Recurse | Where-Object { $_.PSChildName -eq 'MS DM Server' })) {
+    $MSDMServerInfo = Get-ChildItem HKLM:SOFTWARE\Microsoft\Enrollments\ -Recurse | Where-Object { $_.PSChildName -eq 'MS DM Server' }
+    $ManagedDeviceInfo = Get-ItemProperty -LiteralPath "Registry::$($MSDMServerInfo)"
+}
+$ManagedDeviceName = $ManagedDeviceInfo.EntDeviceName
+$ManagedDeviceID = $ManagedDeviceInfo.EntDMID
+#Get Computer Info
+$ComputerInfo = Get-ComputerInfo
+$ComputerName = $ComputerInfo.CsName
+$ComputerManufacturer = $ComputerInfo.CsManufacturer
+
+#region DEVICEINVENTORY
+if ($CollectDeviceInventory) {
+    #Set Name of Log
+    $DeviceLog = "DeviceInventory"
+
+    #Get Intune DeviceID and ManagedDeviceName
+    if (@(Get-ChildItem HKLM:SOFTWARE\Microsoft\Enrollments\ -Recurse | Where-Object { $_.PSChildName -eq 'MS DM Server' })) {
+        $MSDMServerInfo = Get-ChildItem HKLM:SOFTWARE\Microsoft\Enrollments\ -Recurse | Where-Object { $_.PSChildName -eq 'MS DM Server' }
+        $ManagedDeviceInfo = Get-ItemProperty -LiteralPath "Registry::$($MSDMServerInfo)"
+    }
+    $ManagedDeviceName = $ManagedDeviceInfo.EntDeviceName
+    $ManagedDeviceID = $ManagedDeviceInfo.EntDMID
+
+    #Get Windows Update Service Settings
+    $DefaultAUService = (New-Object -ComObject "Microsoft.Update.ServiceManager").Services | Where-Object { $_.isDefaultAUService -eq $True } | Select-Object Name
+    $AUMeteredNetwork = (Get-ItemProperty -Path HKLM:\Software\Microsoft\WindowsUpdate\UX\Settings\).AllowAutoWindowsUpdateDownloadOverMeteredNetwork
+    if ($AUMeteredNetwork -eq "0") {
+        $AUMetered = "false"
+    }
+    else { $AUMetered = "true" }
+
+#Bandwitdh Checker 
+$SpeedTestExe = "$($env:SystemRoot)\temp\speedtest.exe"
+if ((Test-Path -Path $SpeedTestExe) -eq $false){
+    #Download and extract Speedtest Cli
+    try{
+        $SpeedtestURL = "https://www.speedtest.net/apps/cli"
+        $WebResponseURL = ((Invoke-WebRequest -Uri $SpeedtestURL -UseBasicParsing -ErrorAction Stop -Verbose:$false).links | Where-Object { $_.outerHTML -like "*Download for Windows*" }).href
+        $SpeedtestcliFilename = Split-Path -Path $WebResponseURL -Leaf
+        Start-DownloadFile -URL $WebResponseURL -Path "$($env:SystemRoot)\temp" -Name $SpeedtestcliFilename
+        Expand-Archive "$($env:SystemRoot)\temp\$($SpeedtestcliFilename)" -DestinationPath "$($env:SystemRoot)\temp" -Force -ErrorAction Stop
+    }
+    catch{
+        #Failed to download 
+        $SpeedTestExe = $null
+    }
+}
+if ($SpeedTestExe -ne $null){
+    $SpeedtestResults = & $SpeedTestExe --format=json --accept-license --accept-gdpr  | ConvertFrom-Json  
+    if (-not ([string]::IsNullOrEmpty($SpeedtestResults.download))){
+        $DownloadSpeedMbps = [math]::Round($SpeedtestResults.download.bandwidth / 1000000 * 8, 2) 
+        $UploadSpeedSpeedMbps   = [math]::Round($SpeedtestResults.upload.bandwidth / 1000000 * 8, 2)
+        $NetLatencySec       = [math]::Round($SpeedtestResults.ping.latency)
+    }else {
+        $DownloadSpeedMbps = 0
+        $UploadSpeedSpeedMbps = 0
+        $NetLatencySec = 0
+    } 
+}else{
+    $DownloadSpeedMbps = 0
+    $UploadSpeedSpeedMbps = 0
+    $NetLatencySec = 0
+}
+
+    #Get Device Location
+    $ComputerPublicIP = (Invoke-WebRequest -UseBasicParsing -Uri "http://ifconfig.me/ip").Content
+    $Computerlocation = Invoke-RestMethod -Method Get -Uri "http://ip-api.com/json/$ComputerPublicIP"
+    $ComputerCountry = $Computerlocation.country
+    $ComputerCity = $Computerlocation.city
+
+    # Get Computer Inventory Information 
+    $ComputerModel = $ComputerInfo.CsModel
+    $ComputerUptime = [int]($ComputerInfo.OsUptime).Days
+    $ComputerLastBoot = $ComputerInfo.OsLastBootUpTime
+    $ComputerInstallDate = $ComputerInfo.OsInstallDate
+    $ComputerWindowsVersion = (Get-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\" -Name "DisplayVersion").DisplayVersion
+    $ComputerSystemSkuNumber = $ComputerInfo.CsSystemSKUNumber
+    $ComputerSerialNr = $ComputerInfo.BiosSeralNumber   
+    $ComputerBiosUUID = Get-WmiObject Win32_ComputerSystemProduct | Select-Object -ExpandProperty UUID
+    $ComputerBiosVersion = $ComputerInfo.BiosSMBIOSBIOSVersion
+    $ComputerBiosDate = $ComputerInfo.BiosReleaseDate
+    $ComputerFirmwareType = $ComputerInfo.BiosFirmwareType
+    $ComputerPCSystemType = $ComputerInfo.CsPCSystemType
+    $ComputerPCSystemTypeEx = $ComputerInfo.CsPCSystemTypeEx
+    $ComputerPhysicalMemory = [Math]::Round(($ComputerInfo.CsTotalPhysicalMemory / 1GB))
+    $ComputerOSBuild = (Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion' -Name CurrentBuild).CurrentBuild
+    $ComputerOSRevision = (Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion' -Name UBR).UBR
+    $ComputerCPU = Get-CimInstance win32_processor  | Select-Object Name, Manufacturer, NumberOfCores, NumberOfLogicalProcessors
+    $ComputerProcessorManufacturer = $ComputerCPU.Manufacturer | Get-Unique
+    $ComputerProcessorName = $ComputerCPU.Name | Get-Unique
+    $ComputerNumberOfCores = $ComputerCPU.NumberOfCores | Get-Unique
+    $ComputerNumberOfLogicalProcessors = $ComputerCPU.NumberOfLogicalProcessors | Get-Unique
+    $TPMValues = Get-Tpm -ErrorAction SilentlyContinue | Select-Object -Property TPMReady, TPMPresent, TPMEnabled, TPMActivated, ManagedAuthLevel
+    $BitLockerInfo = Get-BitLockerVolume -MountPoint C: | Select-Object -Property *
+    $ComputerTPMReady = $TPMValues.TPMReady
+    $ComputerTPMPresent = $TPMValues.TPMPresent
+    $ComputerTPMEnabled = $TPMValues.TPMEnabled
+    $ComputerTPMActivated = $TPMValues.TPMActivated
+    $ComputerTPMThumbprint = (Get-TpmEndorsementKeyInfo).AdditionalCertificates.Thumbprint
+    $ComputerBitlockerCipher = $BitLockerInfo.EncryptionMethod
+    $ComputerBitlockerStatus = $BitLockerInfo.VolumeStatus
+    $ComputerBitlockerProtection = $BitLockerInfo.ProtectionStatus
+    $ComputerDefaultAUService = $DefaultAUService.Name
+    $ComputerAUMetered = $AUMetered
+        
+    #$timestamp = Get-Date -Format "yyyy-MM-DDThh:mm:ssZ" 
+
+    #Get network adapters
+    $NetWorkArray = @()
+
+    $CurrentNetAdapters = Get-NetAdapter | Where-Object { $_.Status -eq 'Up' }
+    
+    foreach ($CurrentNetAdapter in $CurrentNetAdapters) {
+        $IPConfiguration = Get-NetIPConfiguration -InterfaceIndex $CurrentNetAdapter[0].ifIndex
+        $ComputerNetInterfaceDescription = $CurrentNetAdapter.InterfaceDescription
+        $ComputerNetProfileName = $IPConfiguration.NetProfile.Name 
+        $ComputerNetIPv4Adress = $IPConfiguration.IPv4Address.IPAddress
+        $ComputerNetInterfaceAlias = $CurrentNetAdapter.InterfaceAlias
+        $ComputerNetIPv4DefaultGateway = $IPConfiguration.IPv4DefaultGateway.NextHop
+
+        $tempnetwork = New-Object -TypeName PSObject
+        $tempnetwork | Add-Member -MemberType NoteProperty -Name "NetInterfaceDescription" -Value "$ComputerNetInterfaceDescription" -Force 
+        $tempnetwork | Add-Member -MemberType NoteProperty -Name "NetProfileName" -Value "$ComputerNetProfileName" -Force 
+        $tempnetwork | Add-Member -MemberType NoteProperty -Name "NetIPv4Adress" -Value "$ComputerNetIPv4Adress" -Force 
+        $tempnetwork | Add-Member -MemberType NoteProperty -Name "NetInterfaceAlias" -Value "$ComputerNetInterfaceAlias" -Force 
+        $tempnetwork | Add-Member -MemberType NoteProperty -Name "NetIPv4DefaultGateway" -Value "$ComputerNetIPv4DefaultGateway" -Force  
+        $NetWorkArray += $tempnetwork
+    }
+    [System.Collections.ArrayList]$NetWorkArrayList = $NetWorkArray
+
+    # Create JSON to Upload to Log Analytics
+    $Inventory = New-Object System.Object
+    $Inventory | Add-Member -MemberType NoteProperty -Name "ManagedDeviceName" -Value "$ManagedDeviceName" -Force   
+    $Inventory | Add-Member -MemberType NoteProperty -Name "ManagedDeviceID" -Value "$ManagedDeviceID" -Force   
+    $Inventory | Add-Member -MemberType NoteProperty -Name "ComputerName" -Value "$ComputerName" -Force       
+    $Inventory | Add-Member -MemberType NoteProperty -Name "Model" -Value "$ComputerModel" -Force
+    $Inventory | Add-Member -MemberType NoteProperty -Name "Manufacturer" -Value "$ComputerManufacturer" -Force
+    $Inventory | Add-Member -MemberType NoteProperty -Name "PCSystemType" -Value "$ComputerPCSystemType" -Force
+    $Inventory | Add-Member -MemberType NoteProperty -Name "PCSystemTypeEx" -Value "$ComputerPCSystemTypeEx" -Force
+    $Inventory | Add-Member -MemberType NoteProperty -Name "ComputerUpTime" -Value "$ComputerUptime" -Force
+    $Inventory | Add-Member -MemberType NoteProperty -Name "LastBoot" -Value "$ComputerLastBoot" -Force
+    $Inventory | Add-Member -MemberType NoteProperty -Name "InstallDate" -Value "$ComputerInstallDate" -Force
+    $Inventory | Add-Member -MemberType NoteProperty -Name "WindowsVersion" -Value "$ComputerWindowsVersion" -Force
+    $Inventory | Add-Member -MemberType NoteProperty -Name "DefaultAUService" -Value "$ComputerDefaultAUService" -Force
+    $Inventory | Add-Member -MemberType NoteProperty -Name "AUMetered" -Value "$ComputerAUMetered" -Force
+    $Inventory | Add-Member -MemberType NoteProperty -Name "SystemSkuNumber" -Value "$ComputerSystemSkuNumber" -Force
+    $Inventory | Add-Member -MemberType NoteProperty -Name "SerialNumber" -Value "$ComputerSerialNr" -Force
+    $Inventory | Add-Member -MemberType NoteProperty -Name "SMBIOSUUID" -Value "$ComputerBiosUUID" -Force
+    $Inventory | Add-Member -MemberType NoteProperty -Name "BiosVersion" -Value "$ComputerBiosVersion" -Force
+    $Inventory | Add-Member -MemberType NoteProperty -Name "BiosDate" -Value "$ComputerBiosDate" -Force
+    $Inventory | Add-Member -MemberType NoteProperty -Name "FirmwareType" -Value "$ComputerFirmwareType" -Force
+    $Inventory | Add-Member -MemberType NoteProperty -Name "Memory" -Value "$ComputerPhysicalMemory" -Force
+    $Inventory | Add-Member -MemberType NoteProperty -Name "OSBuild" -Value "$ComputerOSBuild" -Force 
+    $Inventory | Add-Member -MemberType NoteProperty -Name "OSRevision" -Value "$ComputerOSRevision" -Force
+    $Inventory | Add-Member -MemberType NoteProperty -Name "CPUManufacturer" -Value "$ComputerProcessorManufacturer" -Force
+    $Inventory | Add-Member -MemberType NoteProperty -Name "CPUName" -Value "$ComputerProcessorName" -Force
+    $Inventory | Add-Member -MemberType NoteProperty -Name "CPUCores" -Value "$ComputerNumberOfCores" -Force
+    $Inventory | Add-Member -MemberType NoteProperty -Name "CPULogical" -Value "$ComputerNumberOfLogicalProcessors" -Force
+    $Inventory | Add-Member -MemberType NoteProperty -Name "TPMReady" -Value "$ComputerTPMReady" -Force
+    $Inventory | Add-Member -MemberType NoteProperty -Name "TPMPresent" -Value "$ComputerTPMPresent" -Force
+    $Inventory | Add-Member -MemberType NoteProperty -Name "TPMEnabled" -Value "$ComputerTPMEnabled" -Force 
+    $Inventory | Add-Member -MemberType NoteProperty -Name "TPMActived" -Value "$ComputerTPMActivated" -Force
+    $Inventory | Add-Member -MemberType NoteProperty -Name "TPMThumbprint" -Value "$ComputerTPMThumbprint" -Force
+    $Inventory | Add-Member -MemberType NoteProperty -Name "BitlockerCipher" -Value "$ComputerBitlockerCipher" -Force
+    $Inventory | Add-Member -MemberType NoteProperty -Name "BitlockerVolumeStatus" -Value "$ComputerBitlockerStatus" -Force
+    $Inventory | Add-Member -MemberType NoteProperty -Name "BitlockerProtectionStatus" -Value "$ComputerBitlockerProtection" -Force 
+    $Inventory | Add-Member -MemberType NoteProperty -Name "ComputerCountry" -Value "$ComputerCountry" -Force 
+    $Inventory | Add-Member -MemberType NoteProperty -Name "ComputerCity" -Value "$ComputerCity" -Force  
+    $Inventory | Add-Member -MemberType NoteProperty -Name "NetworkAdapters" -Value $NetWorkArrayList -Force
+    $Inventory | Add-Member -MemberType NoteProperty -Name "DownloadSpeedMbps" -Value $DownloadSpeedMbps -Force
+    $Inventory | Add-Member -MemberType NoteProperty -Name "UploadSpeedSpeedMbps" -Value $UploadSpeedSpeedMbps -Force
+    $Inventory | Add-Member -MemberType NoteProperty -Name "NetLatencySec" -Value $NetLatencySec -Force
+
+    $Devicejson = $Inventory | ConvertTo-Json
+
+    # Submit the data to the API endpoint
+    $ResponseDeviceInventory = Send-LogAnalyticsData -customerId $customerId -sharedKey $sharedKey -body ([System.Text.Encoding]::UTF8.GetBytes($Devicejson)) -logType $DeviceLog 
+}#endregion DEVICEINVENTORY
+
+#region APPINVENTORY
+if ($CollectAppInventory) {
+    $AppLog = "AppInventory"
+
+    #Get SID of current interactive users
+    $CurrentLoggedOnUser = (Get-WmiObject -Class win32_computersystem).UserName
+    $AdObj = New-Object System.Security.Principal.NTAccount($CurrentLoggedOnUser)
+    $strSID = $AdObj.Translate([System.Security.Principal.SecurityIdentifier])
+    $UserSid = $strSID.Value
+    #Get Apps for system and current user
+    $MyApps = Get-InstalledApplications -UserSid $UserSid
+    $UniqueApps = ($MyApps | Group-Object Displayname | Where-Object { $_.Count -eq 1 } ).Group
+    $DuplicatedApps = ($MyApps | Group-Object Displayname | Where-Object { $_.Count -gt 1 } ).Group 
+    $NewestDuplicateApp = ($DuplicatedApps | Group-Object DisplayName) | ForEach-Object { $_.Group | Sort-Object [version]DisplayVersion -Descending | Select-Object -First 1 }
+    $CleanAppList = $UniqueApps + $NewestDuplicateApp | Sort-Object DisplayName
+
+    $AppArray = @()
+    foreach ($App in $CleanAppList) {
+        $tempapp = New-Object -TypeName PSObject
+        $tempapp | Add-Member -MemberType NoteProperty -Name "ComputerName" -Value "$ComputerName" -Force   
+        $tempapp | Add-Member -MemberType NoteProperty -Name "ManagedDeviceName" -Value "$ManagedDeviceName" -Force   
+        $tempapp | Add-Member -MemberType NoteProperty -Name "ManagedDeviceID" -Value "$ManagedDeviceID" -Force 
+        $tempapp | Add-Member -MemberType NoteProperty -Name "AppName" -Value $App.DisplayName -Force
+        $tempapp | Add-Member -MemberType NoteProperty -Name "AppVersion" -Value $App.DisplayVersion -Force
+        $tempapp | Add-Member -MemberType NoteProperty -Name "AppInstallDate" -Value $App.InstallDate -Force -ErrorAction SilentlyContinue
+        $tempapp | Add-Member -MemberType NoteProperty -Name "AppPublisher" -Value $App.Publisher -Force
+        $tempapp | Add-Member -MemberType NoteProperty -Name "AppUninstallString" -Value $App.UninstallString -Force
+        $tempapp | Add-Member -MemberType NoteProperty -Name "AppUninstallRegPath" -Value $app.PSPath.Split("::")[-1]
+        $AppArray += $tempapp
+    }    
+
+    $Appjson = $AppArray | ConvertTo-Json
+
+    # Submit the data to the API endpoint
+    $ResponseAppInventory = Send-LogAnalyticsData -customerId $customerId -sharedKey $sharedKey -body ([System.Text.Encoding]::UTF8.GetBytes($Appjson)) -logType $AppLog 
+}
+#endregion APPINVENTORY
+
+#Report back status
+$date = Get-Date -Format "dd-MM HH:mm"
+$OutputMessage = "InventoryDate:$date "
+
+if ($CollectDeviceInventory) {
+    if ($ResponseDeviceInventory -match "200 :") {
+        
+        $OutputMessage = $OutPutMessage + "DeviceInventory:OK " + $ResponseDeviceInventory
+    }
+    else {
+        $OutputMessage = $OutPutMessage + "DeviceInventory:Fail "
+    }
+}
+if ($CollectAppInventory) {
+    if ($ResponseAppInventory -match "200 :") {
+        
+        $OutputMessage = $OutPutMessage + " AppInventory:OK " + $ResponseAppInventory
+    }
+    else {
+        $OutputMessage = $OutPutMessage + " AppInventory:Fail "
+    }
+}
+Write-Output $OutputMessage
+Exit 0
+
+
+
+#endregion script
\ No newline at end of file
diff --git a/Firmware/Intune BIOS Update Control/HPCMSL_PR/Detect.ps1 b/Firmware/Intune BIOS Update Control/HPCMSL_PR/Detect.ps1
new file mode 100644
index 0000000..7891b08
--- /dev/null
+++ b/Firmware/Intune BIOS Update Control/HPCMSL_PR/Detect.ps1	
@@ -0,0 +1,65 @@
+#HP HPCMLS Detection Script 
+#Created by: 
+#Jan Ketil Skanke & Maurice Daly 
+#MSEndpointMgr.com 
+
+#Start Detection
+#Validate that script is executed on HP hardware
+$Manufacturer = (Get-WmiObject -Class "Win32_ComputerSystem" | Select-Object -ExpandProperty Manufacturer).Trim()
+switch -Wildcard ($Manufacturer) {
+    "*HP*" {
+        Write-output "Validated HP hardware check" 
+    }
+    "*Hewlett-Packard*" {
+        Write-output "Validated HP hardware check" 
+    }
+    default {
+        Write-output "Not running on HP Hardware, Remediation not applicable"; exit 0
+    }
+}
+$ProviderInstalled = $false
+$Providers = Get-PackageProvider -ListAvailable 
+if ($Providers.Name -notcontains "NuGet") {
+    Write-Output "Required provider missing"; exit 1
+}elseif (((Get-PackageProvider -Name "NuGet").version) -le ([Version]"2.8.5")) {
+    Write-Output "Provider must be updated"; exit 1
+}else {
+    Write-Output "Provider OK, Checking for modules" 
+    $ProviderInstalled = $true
+}
+
+if ($ProviderInstalled) {
+    $PowerShellGetInstalledModule = Get-InstalledModule -Name "PowerShellGet" -ErrorAction SilentlyContinue -Verbose:$false
+    if ($PowerShellGetInstalledModule -ne $null) {
+        try {
+            # Attempt to locate the latest available version of the PowerShellGet module from repository
+            Write-Output "Attempting to request the latest PowerShellGet module version from repository" 
+            $PowerShellGetLatestModule = Find-Module -Name "PowerShellGet" -ErrorAction Stop -Verbose:$false
+            if ($PowerShellGetLatestModule -ne $null) {
+                if ($PowerShellGetInstalledModule.Version -lt $PowerShellGetLatestModule.Version) {
+                    Write-Output "Newer PowerShellGet version detected, update from repository is needed";exit 1
+                } else {
+                    Write-Output "PowershellGet is Ready"
+                    $HPInstalledModule = Get-InstalledModule | Where-Object {$_.Name -match "HPCMSL"} -ErrorAction SilentlyContinue -Verbose:$false
+                    if ($HPInstalledModule -ne $null) {
+                        $HPGetLatestModule = Find-Module -Name "HPCMSL" -ErrorAction Stop -Verbose:$false
+                        if ($HPInstalledModule.Version -lt $HPGetLatestModule.Version) {
+                            Write-Output "Newer HPCMSL version detected, update from repository is needed";exit 1
+                        } else {
+                            Write-Output "HPCMSL Module is up to date"; exit 0
+                        }
+                    } else {
+                        Write-Output "HPCMSL Module is missing"; exit 1
+                    }
+                }
+            } else {
+                Write-Output "Location request for the latest available version of the PowerShellGet module failed, can't continue"; exit 1
+            }
+        }
+        catch [System.Exception] {
+            Write-Output "Failed to retrieve the latest available version of the PowerShellGet module, can't continue. Error message: $($_.Exception.Message)" ; exit 1
+        }
+    } else {
+        Write-Output "PowershellGet module is missing"; exit 1
+    }
+}
diff --git a/Firmware/Intune BIOS Update Control/HPCMSL_PR/Remeditate.ps1 b/Firmware/Intune BIOS Update Control/HPCMSL_PR/Remeditate.ps1
new file mode 100644
index 0000000..c74ba76
--- /dev/null
+++ b/Firmware/Intune BIOS Update Control/HPCMSL_PR/Remeditate.ps1	
@@ -0,0 +1,139 @@
+#HP HPCMLS Detection Script 
+#Created by: 
+#Jan Ketil Skanke & Maurice Daly 
+#MSEndpointMgr.com 
+#Start-PowerShellSysNative is inspired by @NickolajA's method to install the HPCMLS module 
+
+#Start remediate
+#This remediation must run in system context and in 64bit powershell. 
+function Start-PowerShellSysNative {
+    param (
+        [parameter(Mandatory = $false, HelpMessage = "Specify arguments that will be passed to the sysnative PowerShell process.")]
+        [ValidateNotNull()]
+        [string]$Arguments
+    )
+
+    # Get the sysnative path for powershell.exe
+    $SysNativePowerShell = Join-Path -Path ($PSHOME.ToLower().Replace("syswow64", "sysnative")) -ChildPath "powershell.exe"
+
+    # Construct new ProcessStartInfo object to run scriptblock in fresh process
+    $ProcessStartInfo = New-Object -TypeName System.Diagnostics.ProcessStartInfo
+    $ProcessStartInfo.FileName = $SysNativePowerShell
+    $ProcessStartInfo.Arguments = $Arguments
+    $ProcessStartInfo.RedirectStandardOutput = $true
+    $ProcessStartInfo.RedirectStandardError = $true
+    $ProcessStartInfo.UseShellExecute = $false
+    $ProcessStartInfo.WindowStyle = "Hidden"
+    $ProcessStartInfo.CreateNoWindow = $true
+
+    # Instatiate the new 64-bit process
+    $Process = [System.Diagnostics.Process]::Start($ProcessStartInfo)
+
+    # Read standard error output to determine if the 64-bit script process somehow failed
+    $ErrorOutput = $Process.StandardError.ReadToEnd()
+    if ($ErrorOutput) {
+        Write-Error -Message $ErrorOutput
+    }
+}#endfunction
+
+ # Enable TLS 1.2 support for downloading modules from PSGallery (Required)
+ [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
+# Validate that script is executed on HP hardware
+$Manufacturer = (Get-WmiObject -Class "Win32_ComputerSystem" | Select-Object -ExpandProperty Manufacturer).Trim()
+switch -Wildcard ($Manufacturer) {
+    "*HP*" {
+        Write-output "Validated HP hardware check" 
+    }
+    "*Hewlett-Packard*" {
+        Write-output "Validated HP hardware check" 
+    }
+    default {
+        Write-output "Not running on HP Hardware, Script not applicable"; exit 0
+    }
+}
+
+# Install latest NuGet package provider
+try {
+Write-Output "Attempting to install latest NuGet package provider"
+$PackageProvider = Install-PackageProvider -Name "NuGet" -Force -ErrorAction Stop -Verbose:$false
+}
+catch [System.Exception] {
+    Write-output "Unable to install latest NuGet package provider. Error message: $($_.Exception.Message)"; exit 1
+}   
+
+# Install the latest PowershellGet Module 
+if ($PackageProvider.Version -ge "2.8.5"){
+    $PowerShellGetInstalledModule = Get-InstalledModule -Name "PowerShellGet" -ErrorAction SilentlyContinue -Verbose:$false
+    if ($PowerShellGetInstalledModule -ne $null) {
+        try {
+            # Attempt to locate the latest available version of the PowerShellGet module from repository
+            Write-Output "Attempting to request the latest PowerShellGet module version from repository" 
+            $PowerShellGetLatestModule = Find-Module -Name "PowerShellGet" -ErrorAction Stop -Verbose:$false
+            if ($PowerShellGetLatestModule -ne $null) {
+                if ($PowerShellGetInstalledModule.Version -lt $PowerShellGetLatestModule.Version) {
+                    try {
+                        # Newer module detected, attempt to update
+                        Write-Output "Newer version detected, attempting to update the PowerShellGet module from repository" 
+                        Update-Module -Name "PowerShellGet" -Scope "AllUsers" -Force -ErrorAction Stop -Confirm:$false -Verbose:$false
+                    }
+                    catch [System.Exception] {
+                        Write-Output "Failed to update the PowerShellGet module. Error message: $($_.Exception.Message)"; exit 1
+                    }
+                }
+            }
+            else {
+                Write-Output "Location request for the latest available version of the PowerShellGet module failed, can't continue"; exit 1
+            }
+        }
+        catch [System.Exception] {
+            Write-Output "Failed to retrieve the latest available version of the PowerShellGet module, can't continue. Error message: $($_.Exception.Message)" ; exit 1
+        }
+    } else {
+        try {
+            # PowerShellGet module was not found, attempt to install from repository
+            Write-Output "PowerShellGet module was not found, attempting to install it including dependencies from repository" 
+            Write-Output "Attempting to install PackageManagement module from repository" 
+            Install-Module -Name "PackageManagement" -Force -Scope AllUsers -AllowClobber -ErrorAction Stop -Verbose:$false
+            Write-Output "Attempting to install PowerShellGet module from repository" 
+            Install-Module -Name "PowerShellGet" -Force -Scope AllUsers -AllowClobber -ErrorAction Stop -Verbose:$false
+        }
+        catch [System.Exception] {
+            Write-Output "Unable to install PowerShellGet module from repository. Error message: $($_.Exception.Message)"; exit 1
+        }
+    }
+    
+    #Install the latest HPCMSL Module
+    $HPInstalledModule = Get-InstalledModule | Where-Object {$_.Name -match "HPCMSL"} -ErrorAction SilentlyContinue -Verbose:$false
+    if ($HPInstalledModule -ne $null) {
+        $HPGetLatestModule = Find-Module -Name "HPCMSL" -ErrorAction Stop -Verbose:$false
+        if ($HPInstalledModule.Version -lt $HPGetLatestModule.Version) {
+            Write-Output "Newer HPCMSL version detected, updating from repository"
+            $scriptBlock = {
+                try {
+                    # Install HP Client Management Script Library
+                    Write-Output -Value "Attempting to install HPCMSL module from repository" 
+                    Update-Module -Name "HPCMSL" -AcceptLicense -Force -ErrorAction Stop -Verbose:$false
+                } 
+                catch [System.Exception] {
+                    Write-OutPut -Value "Unable to install HPCMSL module from repository. Error message: $($_.Exception.Message)"; exit 1
+                }
+            } 
+            Start-PowerShellSysNative -Arguments "-ExecutionPolicy Bypass $($scriptBlock)"
+        } else {
+            Write-Output "HPCMSL Module is up to date"; exit 0
+        }
+    } else {
+        Write-Output "HPCMSL Module is missing, try to install from repository"
+        $scriptBlock = {
+            try {
+                # Install HP Client Management Script Library
+                Write-Output -Value "Attempting to install HPCMSL module from repository" 
+                Install-Module -Name "HPCMSL" -AcceptLicense -Force -ErrorAction Stop -Verbose:$false
+            } 
+            catch [System.Exception] {
+                Write-OutPut -Value "Unable to install HPCMSL module from repository. Error message: $($_.Exception.Message)"; exit 1
+            }
+        } 
+        Start-PowerShellSysNative -Arguments "-ExecutionPolicy Bypass $($scriptBlock)"
+    }
+}
\ No newline at end of file
diff --git a/Firmware/Intune BIOS Update Control/HPCMSL_PR/readme.md b/Firmware/Intune BIOS Update Control/HPCMSL_PR/readme.md
new file mode 100644
index 0000000..d226846
--- /dev/null
+++ b/Firmware/Intune BIOS Update Control/HPCMSL_PR/readme.md	
@@ -0,0 +1,5 @@
+#Proactive remediation to take care of the following: 
+
+1. Update Nuget Provider
+2. Update PowershellGet 
+3. Install the latest HPCMLS module from Gallery 
diff --git a/Firmware/readme.md b/Firmware/readme.md
new file mode 100644
index 0000000..cb4af51
--- /dev/null
+++ b/Firmware/readme.md
@@ -0,0 +1,11 @@
+# Intune Firmware related content 
+
+### BIOSUpdate_PR 
+This folder contains the proactive remediations for Intune BIOS update control. 
+Current release is considered beta and have only support for HP 
+
+### CustomInventory_PR
+This folder contains our latest version of the Custom Inventory Script. Required for Intune BIOS update control. 
+
+### HPMCSL_PR
+This folder contains a Proactive Remediation package to keep HP CMSL powershell modules up to date. Required for Intune BIOS Update control for HP