Forum Discussion
A vulnerability assessment solution should be enabled on your virtual machines
Problem: "A vulnerability assessment solution should be enabled on your virtual machines" from the MCSB Initiative is marking my VMs as unhealthy in MS Defender Secure Score.
My systems have Qualys as the vulnerability scanner, and I have used the definition "Audit Windows machines that don't have the specified applications installed", passed "Qualys" as the parameter, and assigned that policy the effect AuditIfNotExists. As a result I can see my VMs are showing compliant.
But in Defender the VMs are still showing unhealthy, as the Policy part of MCSB still looks for "Defender" inside those Windows VMs. I know I can exempt those VMs as Waiver, but is there any way I can increase the secure score in Defender?
4 Replies
- Matan_Shabtay
Microsoft
Have you installed Qualys on your own, not through Defender for Cloud's integration with Qualys?
If that is the case then Defender for Cloud will not recognize that you have installed it and therefore will mark your VMs as unhealthy.
This is because Defender for Cloud checks if the VM has the 'Qualys.QualysAgent' or 'Qualys.QualysAgentLinux' VM extension installed in the VM, but since you didn't install the agent through the Azure control plane, you won't have this VM extension installed. For more info refer to https://learn.microsoft.com/en-us/azure/defender-for-cloud/deploy-vulnerability-assessment-byol-vm
- paradoxunlimited2023
Copper Contributor
So in that case I have to DISABLE the recommendation "A vulnerability assessment solution should be enabled on your virtual machines" from the Azure Security Center Initiative so that it doesn't affect the secure score?
- BillClarksonAntill
Iron Contributor
- paradoxunlimited2023
Copper Contributor
foundational CSPM options in Defender Security posture settings