Microsoft Defender for Endpoint for Vulnerability Management and Reporting

Hi All,

We’re currently using Rapid7 for vulnerability management and reporting, but we’re actively evaluating the possibility of moving to Microsoft Defender for Endpoint going forward. We’d like to better understand how to properly leverage Defender for Endpoint for vulnerability management and reporting.

If this means using custom reports—such as building dashboards in Power BI—we’re definitely open to that approach. At a high level, we’re looking for guidance on best practices and the right direction to meet the following requirements:

Ongoing vulnerability tracking and remediation
Clearer reporting on vulnerability trends and areas needing improvement
Breakdown of vulnerabilities by severity (Critical, High, Medium, Low), grouped by aging buckets (e.g., 30, 60, 90 days)
Defender Secure Score reporting over time (30, 60, and 90-day views)
Visibility into non-compliant devices in Intune, including devices in grace period and PCs that have checked in within the last 14 days

Any recommendations, examples, or pointers to documentation or reporting approaches would be greatly appreciated.

Thanks in advance,

Dilan