After upgrading to SEP 14.0 RU1 and newer, the Client Activity log shows warnings about Client Intrusion Detection System (CIDS) and Memory Exploit Mitigation (MEM).
Memory Exploit Mitigation Custom Applications disabled by license policy.
1/16/2018 10:31:04 AM Warning Memory Exploit Mitigation Custom Applications disabled by license policy
It is an expected warning when the SEPM server is not enrolled with the Cloud (14.1).
This message is informational only and can be ignored for SEPM servers that are not enrolled in the Cloud (14.1).
If SEP Shield shows a notification of one security policy protection component disabled, you must LOCK the Enable Memory Exploit Mitigation in the policy to rectify the issue
To Lock Memory Exploit Mitigation