Hardware Encryption Capabilities for Apple Hardware

What
Apple devices can report hardware encryption details through MDM. These values help confirm whether a device supports block-level encryption, file-level encryption, or both.
When/Why
FileWave can report Apple's 
HardwareEncryptionCaps value as part of the MDM security information returned by supported devices. Apple documents this value in the SecurityInfo response: https://developer.apple.com/documentation/devicemanagement/securityinforesponse/securityinfo.
How
Hardware Encryption Capabilities reports supported encryption for iOS 4+ and tvOS 6+ devices.
Passcode Present helps determine whether data protection is active on iOS 4+ and tvOS 6+ devices when read together with Hardware Encryption Capabilities.
Is Recovery Lock Enabled reports whether Recovery Lock is enabled on Apple silicon Macs running macOS 11.5+.
Digging Deeper
HardwareEncryptionCaps is an integer that indicates the underlying hardware encryption capabilities of the device, which is one of the following values:
1: Block-level encryption
2: File-level encryption
3: Both block-level and file-level encryption
This value is available in iOS 4 and later, and tvOS 6 and later.
For a device to have data protection, 
HardwareEncryptionCaps must be 
3 and 
PasscodePresent must be 
true.