We’re delighted to announce Threat and Vulnerability Management, a new built-in capability that uses a risk-based approach to the discovery, prioritization, and remediation of endpoint vulnerabilities and misconfigurations. This capability is coming to Microsoft Defender Advanced Threat Protection (ATP), our industry-leading unified endpoint security platform with an updated name that reflects the newly announced expanded coverage.
Effectively identifying, assessing, and remediating endpoint weaknesses is pivotal in running a healthy security program and reducing organizational risk. Threat & Vulnerability Management serves as an infrastructure for reducing organizational exposure, hardening endpoint surface area, and increasing organizational resilience. Furthermore, it bridges security stakeholders—security administrators, security operations, and IT administrators—by allowing them to collaborate and seamlessly remediate threats.
Threat & Vulnerability Management is a new component of Microsoft Defender ATP, and provides both security administrators and security operations teams with unique value, including:
With Threat & Vulnerability Management in Microsoft Defender ATP, we are introducing a new set of advanced, agentless, cloud-powered capabilities that provide continuous, real-time, risk-based vulnerability management.
To discover endpoint vulnerabilities and misconfiguration, Threat & Vulnerability Management uses the same agentless built-in Microsoft Defender ATP sensors to reduce cumbersome network scans and IT overhead, and provides:
Threat & Vulnerability Management helps customers prioritize and focus on those weaknesses that pose the most urgent and the highest risk to the organization. Rather than using static prioritization by severity scores, Threat & Vulnerability Management in Microsoft Defender ATP highlights the most critical weaknesses that need attention by fusing its security recommendations with dynamic threat and business context:
Microsoft Defender ATP’s Threat & Vulnerability Management allows security administrators and IT administrators to collaborate seamlessly to remediate issues.
We designed Threat & Vulnerability Management with the primary goal of helping organizations reduce exposure to threats and increase organizational resilience. To do this, we’re introducing two new metrics:
The Threat & Vulnerability Management dashboard provides real-time visual of these scores, which are continuously assessed based on environmental changes.
The weaknesses identified in the environment are mapped to actionable security recommendations and prioritized by their impact on the organizational exposure score.
Each security recommendation includes an actionable remediation recommendation, which can be pushed into the IT task queue through a built-in integration with Microsoft Intune and SCCM.
The status and progress of these remediation activities can be monitored through the dashboard.
Threat & Vulnerability Management also provides real-time visibility into the software inventory, with important information like vulnerabilities associated with software versions installed on devices, related exploits and threats, and impact to exposure score.
When pivoting to a specific machine, Threat & Vulnerability Management provides machine exposure level, security recommendations, vulnerabilities identified on the machine, and other critical information. This data, together with alerts and incidents data provides security operations with a much clearer picture during incident investigations.
Threat & Vulnerability Management is just the latest innovation to be added to Microsoft Defender ATP, which continues to evolve to provide customers with powerful, real-time, and integrated means to discover, prioritize, and remediate threats. Customers who have turned on Microsoft Defender ATP preview features will see this game-changing capability in their dashboard within the next month.
Not yet enjoying the benefits of Microsoft Defender ATP’s industry-leading optics and detection capabilities? Sign up for free trial today.
Microsoft Defender ATP team
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.