The effective identification, assessment, and remediation of endpoint vulnerabilities is critical to reducing organizational risk and strengthening your security posture. That’s why we continue to expand threat and vulnerability management capabilities in Microsoft Defender for Endpoint.
Threat and vulnerability management support for Android and iOS is now in public preview
In June, we announced the general availability of threat and vulnerability management for Linux. Today, we are excited to announce the public preview of vulnerability management support for Android and iOS. With this new cross-platform coverage, threat and vulnerability management capabilities now support all major device platforms across the organization - spanning workstations, servers, and mobile devices. Organizations have access to real-time risk insights, intelligent assessment and prioritization, and the tools to seamlessly remediate vulnerabilities across their devices.
Figure 1 vulnerability management dashboard - access insights across devices
Threat and vulnerability management support for Android and iOS is part of Microsoft Defender for Endpoint’s mobile threat defense solution, which enables customers to maintain a seamless and consistent experience across their device platforms.
The capabilities included in this preview are:
Android:
- Vulnerability assessment of Android OS versions of onboarded Android devices.
- Vulnerability assessment of apps that are installed on onboarded Android devices.
- Note about privacy related to apps from personal devices (BYOD):
- For Android Enterprise with a work profile, apps installed only on the work profile will be supported.
- For other BYOD modes, by default vulnerability assessment of apps will not be available. However, in device administrator mode, admins can explicitly enable this feature through Microsoft Endpoint Manager to get the list of apps installed on the device. Visit our documentation to learn more.
iOS:
- Vulnerability assessment of iOS versions on onboarded iOS/iPadOS devices.
- Note: Vulnerability assessment of apps on iOS devices is not a part of this release and will be added at a later date.
Get started onboarding mobile devices to Microsoft Defender for Endpoint here.
Figure 2 Device Inventory - admins can check exposure level of onboarded mobile devices
Threat and vulnerability management capabilities in Microsoft Defender for Cloud is now generally available
Today we are excited to announce the general availability of Microsoft threat and vulnerability management as a new vulnerability assessment provider within Microsoft Defender for Cloud (formerly Azure Security Center and Azure Defender).
Defender for Cloud is a Cloud Security Posture Management (CSPM) and workload protection solution that finds weak spots across your cloud configuration, helps strengthen the overall security posture of your environment and protects workloads across multi-cloud and hybrid environments. Key to effective workload protection are visibility of vulnerabilities and the ability to manage those which expose your workloads and pose risks to your organization.
This integration in Defender for Cloud allows for the frictionless onboarding of existing and new server workloads, so customers can detect vulnerable software without the need to install additional agents or scanners. Microsoft threat and vulnerability management also provide continuous assessment, providing customers with real-time risk-based insights instead of periodic scans.
As part of this integration, we also added new software inventory filters to the Inventory experience, so you can easily search for and filter by software products that are installed on your workloads. Learn more about the software inventory.
Learn how to use Microsoft threat and vulnerability management solutions in Defender for Cloud here.
Learn more & Get started
Threat and vulnerability management capabilities are part of Microsoft Defender for Endpoint and enable organizations to effectively identify, assess, and remediate endpoint weaknesses to reduce organizational risk.
- Get started onboarding mobile devices to Microsoft Defender for Endpoint here.
- Learn how to use Microsoft threat and vulnerability management solutions in Defender for Cloud here.
- Turn on preview features for Microsoft Defender for Endpoint to get access to the newest capabilities.
- Threat and vulnerability management capabilities are part of Microsoft Defender for Endpoint and enable organizations to effectively identify, assess, and remediate endpoint weaknesses to reduce organizational risk. Check out our documentation for a complete overview of supported operating systems and platforms.
We’re excited to hear your feedback and questions! As you explore these new capabilities, please visit us on our Tech Community page.
Additional resources
Microsoft Defender for Endpoint on Android and iOS
Microsoft Defender for Cloud News
Updated Nov 01, 2021
Version 1.0rachelpark
Microsoft
Joined May 11, 2021
Microsoft Security Blog
Follow this blog board to get notified when there's new activity