Forum Discussion
Replacement for Windows Authenticated Scanning
For cost saving, we were looking at replacing our existing vulnerability scanner with Defender and using device scanning. Due to the nature of some of our systems, we can't enroll all of them in Defender and had hoped to use Windows Authenticated Scanning for the unmanaged devices. It looks like that is being deprecated, and the FAQ page indicates that there is currently no direct replacement. While the number of systems we have that can't be enrolled in relatively minimal, is there any kind of scanning I'm missing as part of the product that would allow remote scans of Windows devices as opposed to enrolling? It doesn't look like it. Seems like taking away a component that gives some kind of feature parity without another option is a bad idea, but maybe I'm just missing something.
1 Reply
You're correct that Microsoft is deprecating the Windows Authenticated Scan feature in Defender Vulnerability Management, with support ending on November 30, 2025. Currently, there isn't a direct replacement within Defender for conducting remote scans on unmanaged Windows devices without enrolling them.
