Blog Post

Microsoft Defender Vulnerability Management Blog
2 MIN READ

Introducing a new threat and vulnerability management report

Shir_Feldman's avatar
Shir_Feldman
Icon for Microsoft rankMicrosoft
Oct 28, 2020

We are excited to announce a new built-in report for Microsoft Defender for Endpoint’s threat and vulnerability management capability, the vulnerable devices report!

 

Have you ever wondered which devices have the most critical vulnerabilities? Or which devices have the oldest or most exploitable vulnerabilities? Our new report is now in public preview to give you those answers, and much more!

 

The Vulnerable devices report provides extensive insights into your organization’s vulnerable devices with summaries of the current status and customizable trends over time. 

 

Report insights include:

  • Device vulnerability severity levels (e.g. all the devices with critical vulnerabilities)
  • Device exploit availability (e.g. all the devices with vulnerabilities that have verified exploits)
  • Device vulnerability age (e.g. devices with vulnerabilities that were published over 90 days ago)
  • Vulnerable devices by operating system
  • Vulnerable devices by Windows 10 version

 

 

 

Let’s take some examples:

  • If there are a lot of devices with old vulnerabilities, you might want to learn about the MTTR (mean time to remediate) process in your organization.
  • If you see multiple devices with Critical or High vulnerabilities, you might want to prioritize those devices first.

Is there an insight you want to explore further? Select the bar chart to drill down and view a list of relevant devices.

 

 

 

You can also use the graphs and granular filtering capabilities to easily learn about your security posture and the vulnerable devices in the organization.

 

Are you ready? If you’ve enabled public preview features, you can check out the new report today! If not, we encourage you to turn on preview features in Microsoft Defender Security Center to get access to the newest capabilities.


If you’re not yet taking advantage of Microsoft’s industry-leading security optics and detection capabilities for endpoints, sign up for a free trial of Microsoft Defender for Endpoint today.

 

We welcome your feedback. If you have any comments or questions, let us know!

 

Updated Oct 28, 2020
Version 1.0

9 Comments

  • harman1600's avatar
    harman1600
    Copper Contributor

    Hi, thanks for sharing this information.

     

    I was wondering if this can be automated and the security recommendations report can be extracted and forwarded to the email address. 

  • sintra3000's avatar
    sintra3000
    Copper Contributor

    Is there a way to see which vulnerabilities are classified as (for example) critical? Lets say you see a device with 5 critical vulnerabilites, and many high and medium. How can you identify which are classified as critical? 

  • Thank you Shir_Feldman for clarification and excited about this feature.

    The only limitation is because it is cloud solutions, in case company required on-premise , they need to relay on third-party.

    It would have been nice to see on-premise solution too.

  • victormacedo's avatar
    victormacedo
    Copper Contributor

    Wonderful, but the big problem here in Brazil is the lack of awareness of big businessmen and even the government to continue using Windows and countless pirated software. Unfortunate.

  • Riyad Amin's avatar
    Riyad Amin
    Iron Contributor

    Hello Shir_Feldman ,

    Cool stuff from Microsoft. 

    But does Microsoft Defender has the capability to find out other well known software vulnerabilities and also can have the remediation for those? 

    Will non-corporate user will have this benefit? Why does not this Defender is included with paid genuine Windows 10 Pro with EDR! 

    By the way, thank you for this share.