hi Shaq,
the reason I stated that HTTPS was required was because it was in TP1905, but then it wasn't in TP1909, but in ConfigMgr 1910 Current Branch it is again, required.
but... going forward I think that a future release of ConfigMgr (maybe 2002) will allow you to use eHTTP or HTTPS, that would make it much easier to use the MBAM capabilities but remember HTTPS is more secure regardless.
cheers
niall