Prerequisites & permissions - threat and vulnerability management

Applies to:

Want to experience Microsoft Defender for Endpoint? Sign up for a free trial.

Ensure that your devices:

  • Are onboarded to Microsoft Defender for Endpoint
  • Run supported operating systems and platforms
  • Have the following mandatory updates installed and deployed in your network to boost your vulnerability assessment detection rates:
Release Security update KB number and link
Windows 10 Version 1709 KB4493441 and KB 4516071
Windows 10 Version 1803 KB4493464 and KB 4516045
Windows 10 Version 1809 KB 4516077
Windows 10 Version 1903 KB 4512941
  • Are onboarded to Microsoft Intune and Microsoft Endpoint Configuration Manager to help remediate threats found by threat and vulnerability management. If you're using Configuration Manager, update your console to the latest version.
    • Note: If you have the Intune connection enabled, you get an option to create an Intune security task when creating a remediation request. This option does not appear if the connection is not set.
  • Have at least one security recommendation that can be viewed in the device page
  • Are tagged or marked as co-managed

Relevant permission options

  1. Log in to Microsoft Defender Security Center using account with a Security administrator or Global administrator role assigned.
  2. In the navigation pane, select Settings > Roles.

For more information, see Create and manage roles for role-based access control

View data

  • Security operations - View all security operations data in the portal
  • Threat and vulnerability management - View threat and vulnerability management data in the portal

Active remediation actions

  • Security operations - Take response actions, approve or dismiss pending remediation actions, manage allowed/blocked lists for automation and indicators
  • Threat and vulnerability management - Exception handling - Create new exceptions and manage active exceptions
  • Threat and vulnerability management - Remediation handling - Submit new remediation requests, create tickets, and manage existing remediation activities

For more information, see RBAC permission options