Threat & Vulnerability Management is a new Microsoft Defender ATP component that helps effectively identify, assess, and remediate endpoint weaknesses.  Threat & Vulnerability Management provides both security administrators and security operations teams with unique value, including:

  • Real-time endpoint detection and response (EDR) insights correlated with endpoint vulnerabilities
  • Invaluable machine vulnerability context during incident investigations
  • Built-in remediation processes through Microsoft Intune and Microsoft System Center Configuration Manager

Note: Microsoft Intune and Microsoft System Center Configuration Manager (SCCM) integration will roll-in next month.


Today, we are excited to announce that the new Threat & Vulnerability Management (TVM) is now available for public preview in the Microsoft Defender ATP portal. We are bringing a game changing risk-based approach to the discovery, prioritization, and remediation of endpoint vulnerabilities and misconfigurations. See our announcement blog for details.


Threat & Vulnerability Management is the latest innovation in Microsoft Defender ATP, which continues to evolve to provide customers with powerful, real-time, and integrated means to discover, prioritize, and remediate threats. Customers who have turned on Microsoft Defender ATP preview features will see this game-changing capability in their dashboard.


Additional TVM capabilities will continue rolling out throughout the upcoming months – Stay tuned!


For information on getting started with Microsoft Defender ATP TVM see https://aka.ms/mdatp-tvm.



Figure 1: Screenshot of the Threat & Vulnerability Management dashboard



The Microsoft Defender ATP, Threat & Vulnerability Management team


Occasional Contributor

I'm checking out the new Threat & Vulnerability Management Security Recommendations dashboard and noticing that the detection of many registry keys relating to Internet Explorer features is broken. I have several of the keys configured properly across our environment in accordance with the Remediation Options tab, but they're not detected successfully.


Incorrect detections include (but may not be limited to):
* Enable 'Information Bar'
* Enable 'Restrict File Download'


Are others seeing this?

Frequent Visitor

The software inventory isn't correctly detecting all installed software. It shows multiple instances of some programs, while showing no instances of others. Some machines it shows up properly and some it doesn't.

Regular Visitor

I know it's new, but I am really digging the Vulnerability page. 

Occasional Visitor

Awesome addition guys, amazing work. 

Occasional Visitor

Is this new feature also available in Windows Server 2019? If not, will this come ?



Occasional Contributor

It would be nice to know what the security recommendations are based on.  I have 11 machines that have the recommendation "Update 7-zip to version" but as far as I can tell, they have all been upgraded.  Is it checking registry keys, file versions in specific directories, something else?

great addition, please use the 'frown face' on the top right corner of the portal to file your suggestion directly with our engineering team
Occasional Contributor

Interested to know if this functionality will be back ported into previous versions of Windows Server? We're looking at the PowerBI Dashboards as a part of our patching process and can only see Windows 10 devices showing as missing security patches. 


Yes, the new TVM functionality is planned to be backported to previous Windows Server versions in the upcoming months.

Occasional Visitor

Is TVM able to account for supercedence updates? We see a lot of discovered vulnerabilities that have been patched in SCCM.

Regular Contributor

Is this still rolling out?
We have enabled preview features a while ago, but stil don`t see thes options.

Occasional Contributor

I got it since last Thursday. Nice feature guys!

Cool and I have this tool, does it comes tech support as does O365. I have this tool with my M365 E5. Or is tech support a fee base for this product?
Occasional Contributor
@Jerry Gonzalez Support is included in your M365 E5 subscription

Thanks, but how do I get the support. I have call O365 and they stated they don't support.  Try to open a ticket and get these, which I don't have that information and not sure if I need this. Since I am paying for the M365 E5 that covers everything.Contract option.jpgSubscription option.jpgSupport Request.jpg

Occasional Contributor
I'm sorry to say I get the same on that page. I received free support a few months back, but as I recall, this ticket was created via the Azure portal.