
Upgraded a test machine to Monterey from Big Sur and it wants the user to approve the system extensions for Microsoft Defender and Cisco AMP that were working fine before and approved with Configuration Profiles.

For Defender, I've tried unscoping and rescoping the Configuration Profile as well as uninstalling and reinstalling Defender.

Still trying to understand it but has anyone else hit this issue and found a way through the problem?

I haven't had that for Defender as of yet; each of my test upgrades went as expected, though I did need to reapprove a FortiClient extension I'd manually approved rather than deployed via config.


What does your Cisco Amp PPPC profile look like? I can compare it to mine that is currently working on a Big Sur -> Monterey upgrade test machine.


Often when doing major version upgrades like that, I've found the endpoint experience best when I clone the profile (same payloads) but give it a new name and scope it specifically to that major OS version. So the PPPC or System Extension payloads could be identical between Big Sur and Monterey, but it's technically a different profile.

This makes sense when you think of MDM as being an event that causes changes on the local system. If the profile existed on the Mac before the OS upgrade, then the upgrade would overwrite the changes made on the old OS. By removing/reapplying the profile, the MDM events reissue the local system events and reestablish the changes.




Here's the one for System Extensions for Cisco AMP


I think I shot myself in the foot on this one.  I had scoped the Configuration Profiles to Catalina and Big Sur machines and so the recently upgraded ones on Monterey went out of scope.  I widened the scope of the group to include Monterey and the machines went back into scope and the Configuration Profiles redeployed. 

I did have to reboot to have the configuration profiles go into effect.




I'm dealing with this issue, too. When you say you had to "reboot" the configuration profiles, what do you mean by that? Do you mean you clicked edit, then clicked save, then "Distribute to All"? Or did you have to clone all the profiles and redeploy them as new?




Description file will pop up when saved after modifying scope. Whether the prompt is for all devices or users/or only for new devices.