Blog Post

Microsoft Security Blog
3 MIN READ

Reduce Risk Across Your Environments with the Latest Threat and Vulnerability Management Updates

rachelpark's avatar
rachelpark
Icon for Microsoft rankMicrosoft
Nov 02, 2021

The effective identification, assessment, and remediation of endpoint vulnerabilities is critical to reducing organizational risk and strengthening your security posture. That’s why we continue to expand threat and vulnerability management capabilities in Microsoft Defender for Endpoint.

 

Threat and vulnerability management support for Android and iOS is now in public preview

In June, we announced the general availability of threat and vulnerability management for Linux. Today, we are excited to announce the public preview of vulnerability management support for Android and iOS. With this new cross-platform coverage, threat and vulnerability management capabilities now support all major device platforms across the organization - spanning workstations, servers, and mobile devices. Organizations have access to real-time risk insights, intelligent assessment and prioritization, and the tools to seamlessly remediate vulnerabilities across their devices.

 

Figure 1 vulnerability management dashboard - access insights across devices

 

Threat and vulnerability management support for Android and iOS is part of Microsoft Defender for Endpoint’s mobile threat defense solution, which enables customers to maintain a seamless and consistent experience across their device platforms.

 

The capabilities included in this preview are:

Android:

  • Vulnerability assessment of Android OS versions of onboarded Android devices.
  • Vulnerability assessment of apps that are installed on onboarded Android devices.
  • Note about privacy related to apps from personal devices (BYOD):
    • For Android Enterprise with a work profile, apps installed only on the work profile will be supported.
    • For other BYOD modes, by default vulnerability assessment of apps will not be available. However, in device administrator mode, admins can explicitly enable this feature through Microsoft Endpoint Manager to get the list of apps installed on the device. Visit our documentation to learn more.

iOS:

  • Vulnerability assessment of iOS versions on onboarded iOS/iPadOS devices.
  • Note: Vulnerability assessment of apps on iOS devices is not a part of this release and will be added at a later date.

 

Get started onboarding mobile devices to Microsoft Defender for Endpoint here.

 

Figure 2 Device Inventory - admins can check exposure level of onboarded mobile devices

 

Threat and vulnerability management capabilities in Microsoft Defender for Cloud is now generally available

Today we are excited to announce the general availability of Microsoft threat and vulnerability management as a new vulnerability assessment provider within Microsoft Defender for Cloud (formerly Azure Security Center and Azure Defender).

 

Defender for Cloud is a Cloud Security Posture Management (CSPM) and workload protection solution that finds weak spots across your cloud configuration, helps strengthen the overall security posture of your environment and protects workloads across multi-cloud and hybrid environments. Key to effective workload protection are visibility of vulnerabilities and the ability to manage those which expose your workloads and pose risks to your organization.

 

This integration in Defender for Cloud allows for the frictionless onboarding of existing and new server workloads, so customers can detect vulnerable software without the need to install additional agents or scanners. Microsoft threat and vulnerability management also provide continuous assessment, providing customers with real-time risk-based insights instead of periodic scans.

 

As part of this integration, we also added new software inventory filters to the Inventory experience, so you can easily search for and filter by software products that are installed on your workloads. Learn more about the software inventory.

 

Learn how to use Microsoft threat and vulnerability management solutions in Defender for Cloud here.

 

 

Learn more & Get started

Threat and vulnerability management capabilities are part of Microsoft Defender for Endpoint and enable organizations to effectively identify, assess, and remediate endpoint weaknesses to reduce organizational risk. 

 

  1. Get started onboarding mobile devices to Microsoft Defender for Endpoint here
  2. Learn how to use Microsoft threat and vulnerability management solutions in Defender for Cloud here.
  3. Turn on preview features for Microsoft Defender for Endpoint to get access to the newest capabilities.
  4. Threat and vulnerability management capabilities are part of Microsoft Defender for Endpoint and enable organizations to effectively identify, assess, and remediate endpoint weaknesses to reduce organizational risk. Check out our documentation for a complete overview of supported operating systems and platforms.

We’re excited to hear your feedback and questions! As you explore these new capabilities, please visit us on our Tech Community page.

 

Additional resources

Microsoft Defender for Endpoint on Android and iOS

Microsoft Defender for Cloud News

 

Updated Nov 01, 2021
Version 1.0
No CommentsBe the first to comment