Ninja Cat Giveaway: Episode 8 | Get to know Defender Vulnerability Management Premium

Hello,

I think the Certificate area is my favourite feature in the MDVM Premium capabilities. Certificates have become so pervasive on all Web services, but many people don't actively manage them, just installing one to get the :locked: to appear, but then leaving themselves vulnerable by weak implementation, or DOSing themselves when they expire

Hi Heike,

I would love to have all the assessment tools deployed for the customers I support, but digital certificate assessment stands out as the most valuable to me today. As a troubleshooting tool it could have saved valuable hours this year. As a preventative measure, using the expiring soon setting, the troubleshooting would not even have been necessary.

Thanks for the great video

Hi everyone,

One of the most valuable premium capabilities for me is "Blocking vulnerable applications".
As we all know during this remote work era, it is getting difficult to manage all the application updates. Even update is pushed through Intune it takes time for the end-user to update it on their end.
this feature gives authority to warn the user and block the application usage as per vulnerability exposure. it is also helpful for administrators that allow enough time to work around.

Thanks,
Snehal

Hello there,

One of the most valuable premium capabilities of Microsoft Defender Vulnerability Management is its ability to block vulnerable applications. I love this feature cause, it helps to reduce risk by preventing the use of outdated or vulnerable applications. By preventing the use of outdated or vulnerable applications, organizations can proactively reduce risk and strengthen their security posture.

Greetings
Farhad

Hi Heike,

The most stunning feature for me is the "Authenticated scan for Windows" as we have an agentless solution available - for unmanaged devices - where we don't need MDE and MDVM agent deployed. It provides the capability to run scans by remotely target IP address ranges or hostnames by providing MDVM with (secure) credentials to remotely access the devices.

The best use case for me and my customers are that asset inventory is sometimes hard to manage for enterprise organizations, and therefore deployment/agent handling as well. Especially for short-living environments like VDI or temporary devices during a workshop or training. Authenticated scan for Windows overcomes that burden and helps organizations be secure without having a complete asset discovery available.

Best,
Dominik

This is a tricky one as it's difficult to select just one valuable tool in the Vulnerability Management feature. CVE mapping with the almost instant notifications of newly disclosed vulnerabilities is a gem in a big environment to get valuable information about your vulnerability surface even if you manage the typical OS and software updates automatically.

Also when first setting up your Defender for Endpoint configuration it's invaluable to study and setup your ASR rules (and keep a close eye on them, since they are updated regularly)!

Hi Heike,

Thanks for the new episode today!

One of MS Defender Vulnerability Management Premium Capabilities mentioned in the episode is Browser extensions assessment which is also my favorite one today. It displays the extensions installed across different browsers, it tells which client the extensions are installed, the permissions, the installed version, etc. It can help us to determine how we would like to manage the installed extension to ensure the safe usage of them.

Btw, I received my Ninja Cat during the weekend. Lovely!