Application Monitor that does not rely on NTLM

Nope - the implication is that I didn't know what exact version had this implemented and I didn't have time to run back through all the release notes until I found it.  I defaulted to "giving an answer quickly" over "giving the most thorough answer."  If you have this option, but it doesn't work, then that needs a support case.

Hi KMSigma - I received multiple email updates for this item from you, one of which included Status Notes that stated "Implemented in SAM 2020.2.6 (or previous version)".

We are running SAM 2020.2.5 which shows the same options as per your screenshot however it does not work. Do I interpret this as implying we need to upgrade to SAM 2020.2.6 before seeing any change in behavior or do I perhaps have it mis-configured?

Pretty much.  It uses the same authentication mechanisms that Microsoft defines on Understanding HTTP Authentication - WCF | Microsoft Docs

I'm assuming Negotiate just picks the best protocol (either Kerberos or NTLM??

Thanks a lot KMSigma!