Yes, I agree this one does seem like a pretty punctual need. I keep getting stuck on it feeling very far from something to detect on an endpoint.
Looking at that link, most of the suggestions feel very oriented around detecting problems in your server fleet. Which feels valuable, yes, but not clearly applicable. (Also note much of that is looking for whether the feature is disabled, not whether the underlying process is vulnerable)