Blog Post

Microsoft Defender for Cloud Blog
2 MIN READ

Exporting Vulnerability Assessment Results in Microsoft Defender for Cloud

YuriDiogenes's avatar
YuriDiogenes
Icon for Microsoft rankMicrosoft
Mar 05, 2020
With the new Microsoft Defender for Cloud built-in vulnerability assessment solution, you can manage the deployment of the agent and the visualization of the results from a single dashboard. You can ...
Updated Oct 24, 2021
Version 7.0
YuriDiogenes's avatar
Icon for Microsoft rankMicrosoft
Joined March 01, 2018
View Profile
Microsoft Defender for Cloud Blog

Microsoft Defender for Cloud is a cloud-native application protection platform (CNAPP) that offers security and compliance from code to runtime, enhanced by AI, for hybrid and multicloud environments.

When evaluating various solutions, your peers value hearing from people like you who’ve used the product. Review Microsoft Defender for Cloud by filling out a Gartner Peer Insights survey and receive a $25 USD gift card (for customers only). Here are the Privacy/Guideline links: Microsoft Privacy Statement, Gartner’s Community Guidelines & Gartner Peer Insights Review Guide.

SarathKScloudsecguy's avatar
SarathKScloudsecguy
Copper Contributor
Mar 11, 2022

Thanks YuriDiogenes for sharing this information. Updated script with a minor change 

securityresources
 | where type == "microsoft.security/assessments"
 | where * contains "Machines should have vulnerability findings resolved"
 | summarize by assessmentKey=name //the ID of the assessment
 | join kind=inner (
    securityresources
     | where type == "microsoft.security/assessments/subassessments"
     | extend assessmentKey = extract(".*assessments/(.+?)/.*",1,  id)
 ) on assessmentKey
| project assessmentKey, subassessmentKey=name, id, parse_json(properties), resourceGroup, subscriptionId, tenantId
| extend description = properties.description,
         displayName = properties.displayName,
         resourceId = properties.resourceDetails.id,
         resourceSource = properties.resourceDetails.source,
         category = properties.category,
         severity = properties.status.severity,
         code = properties.status.code,
         timeGenerated = properties.timeGenerated,
         remediation = properties.remediation,
         impact = properties.impact,
         vulnId = properties.id,
         additionalData = properties.additionalData