Describe Microsoft Defender Vulnerability Management
Defender Vulnerability Management delivers asset visibility, intelligent assessments, and built-in remediation tools for Windows, macOS, Linux, Android, iOS, and network devices.
Leveraging Microsoft threat intelligence, breach likelihood predictions, business contexts, and devices assessments, Defender Vulnerability Management rapidly and continuously prioritizes the biggest vulnerabilities on your most critical assets and provides security recommendations to mitigate risk.
Continuous asset discovery and monitoring
Defender Vulnerability Management built-in and agentless scanners continuously monitor and detect risk in your organization even when devices aren't connected to the corporate network.
Consolidated inventories provide a real-time view of your organization's software applications, digital certificates, hardware and firmware, and browser extensions to help you monitor and assess all your organization's assets. Examples include:
- Visibility into software and vulnerabilities - Get a view of the organization's software inventory, and software changes like installations, uninstalls, and patches.
- Network share assessment - Assess vulnerable internal network shares configuration with actionable security recommendations.
- Browser extensions assessment - View a list of the browser extensions installed across different browsers in your organization. View information on an extension's permissions and associated risk levels.
- Digital certificates assessment - View a list of certificates installed across your organization in a single central certificate inventory page. Identify certificates before they expire and detect potential vulnerabilities due to weak signature algorithms.
- And more...
Risk-based intelligent prioritization
Defender Vulnerability Management leverages Microsoft's threat intelligence, breach likelihood predictions, business contexts, and device assessments to quickly prioritize the biggest vulnerabilities in your organization.
Risk-based intelligent prioritization focuses on emerging threats to align the prioritization of security recommendations with vulnerabilities currently being exploited in the wild and emerging threats that pose the highest risk. Risk-based intelligent prioritization also pinpoints active breaches and protects high value assets.
A single view of prioritized recommendations from multiple security feeds, along with critical details including related Common Vulnerabilities and Exposures (CVEs) and exposed devices, helps you quickly remediate the biggest vulnerabilities on your most critical assets.
Remediation and tracking
Remediation and tracking enable security administrators and IT administrators to collaborate and seamlessly remediate issues with built-in workflows.
- Remediation requests sent to IT - Create a remediation task in Microsoft Intune from a specific security recommendation.
- Block vulnerable applications - Mitigate risk with the ability to block vulnerable applications for specific device groups.
- Alternate mitigations - Gain insights on other mitigations, such as configuration changes that can reduce risk associated with software vulnerabilities.
- Real-time remediation status - Real-time monitoring of the status and progress of remediation activities across the organization.
Dashboard insights
You can use the vulnerability management capability in the Microsoft Defender portal to:
- View your exposure score and Microsoft Secure Score for Devices, along with top security recommendations, software vulnerability, remediation activities, and exposed devices.
- Correlate endpoint detection and response (EDR) insights with endpoint vulnerabilities and process them.
- Select remediation options to triage and track the remediation tasks.
- Select exception options and track active exceptions.
