Forum Discussion
wootts
Dec 22, 2021Iron Contributor
TVM Refresh
Hi Team is there a way to force a retest / review of vulnerbilities highlighted during the patching and updating of issues. whilst i see there is a 4 hour window when the scans are repeated (thi...
- Dec 28, 2021
Hey Wootts,
Something that helped my team was Microsoft's PowerBI TVM vulnerability report which can be found on their GitHub repo - https://github.com/microsoft/MicrosoftDefenderForEndpoint-PowerBI
The above link has a Readme within the TVM / TVM report templates directory, and you can get a feel for the setup / output.
This provided better dashboarding for devices last seen, vulnerabilities, missing Windows security updates, software inventory, etc. This helped with our patch management as it is nearly a one stop shop for devices in our environment, solely cloud native. The report has slicer views which can provide a more granular filter as well.
wootts
Dec 30, 2021Iron Contributor
thanks for the information - will make sure to use this, it is probably something I have missed but having assets that have not as yet updated since 16th december seems odd - so was more wondering on the refresh rate and also when MDE will allow rescanning of assets to see if vulnerabilities have been updated - such as most platforms do...
- MitchADec 30, 2021Copper ContributorI did some testing, and it looks like you can initiate a refresh using MsSense.exe found within C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe. MsSense is the EDR sensor component for Microsoft Defender for Endpoint.
I share similar frustrations with the product, but it has been a boon for us with the current work environment being strictly remote. It's hard to get off the MS kool-aid once you start drinking it.- woottsDec 30, 2021Iron Contributorvery well worded and agree - its great when it works 🙂 - have a great new year