In an Azure environment with 100 Windows 10 devices, you need to restrict access to Azure AD-integrated applications to users whose devices are up-to-date with the latest security patches. Which Azure feature should you implement to achieve this?