We need an option to hide Inactive devices from TVM statistics

Brass Contributor

There is no option to hide 'Inactive' devices from skewing the TVM statistics. This makes tackling and reporting on existing threats and vulnerabilities unnecessarily difficult, a device that has been rebuilt can show in excess of 900 vulnerabilities but in reality that device no longer exists. The situation across the estate would (in our enterprise anyway) actually be around 40 vulnerabilities which is an incredibly large difference.


When reports across the industry are required on 7 day and monthly cadences management are always wondering why their IT teams are not able to do their job and get machines secure, of course the machines are secure but Defender 365 just will not allow us to show that.


If an option to exclude 'Inactive' devices can be added this would be of massive benefit to all organisations that use the TVM feature, it means nobody would be hunting down rememdiation and including reports for devices either no longer exist or haven't reported in to Azure for an extended period of time. 

2 Replies
totally agree with this .. when is this coming as clearly having disconnected / inactive devices causes issues when trying to establish where we are with the work ongoing

@ProjectVRD @wootts You can now excluded devices so they will not be visible in your threat and vulnerability management reports Exclude devices in Microsoft Defender for Endpoint | Microsoft Docs