Colum header meanings in vulnerabilities export files

%3CLINGO-SUB%20id%3D%22lingo-sub-2242736%22%20slang%3D%22en-US%22%3EColum%20header%20meanings%20in%20vulnerabilities%20export%20files%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2242736%22%20slang%3D%22en-US%22%3E%3CP%3EWhen%20I%20export%20a%20csv%20from%20a%20machine's%20%22Discovered%20Vulnerabilities%22%20tab%2C%20what%20do%20the%20%22has%20exploit%22%2C%20%22has%20known%20threats%22%2C%20and%20%22has%20associated%20alerts%22%20column%20headers%20mean%20respectively%3F%20Also%2C%20do%20I%20need%20both%20AV%20and%20EDR%20turned%20on%20for%20both%20of%20these%20to%20be%20true%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2275249%22%20slang%3D%22en-US%22%3ERe%3A%20Colum%20header%20meanings%20in%20vulnerabilities%20export%20files%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2275249%22%20slang%3D%22en-US%22%3EFor%20more%20information%20about%20threat%20and%20vulnerability%20management%20please%20refer%20to%20this%20link%3A%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmicrosoft-365%2Fsecurity%2Fdefender-endpoint%2Ftvm-weaknesses%3Fview%3Do365-worldwide%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmicrosoft-365%2Fsecurity%2Fdefender-endpoint%2Ftvm-weaknesses%3Fview%3Do365-worldwide%3C%2FA%3E.%20Additionally%2C%20if%20I%20understand%20your%20second%20question%20correctly%2C%20the%20EDR%20service%20is%20doing%20the%20vulnerability%20assessment.%20Please%20let%20me%20know%20if%20this%20answers%20your%20question%3C%2FLINGO-BODY%3E
New Contributor

When I export a csv from a machine's "Discovered Vulnerabilities" tab, what do the "has exploit", "has known threats", and "has associated alerts" column headers mean respectively? Also, do I need both AV and EDR turned on for both of these to be true?

1 Reply
For more information about threat and vulnerability management please refer to this link: https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/tvm-weaknesses?view=o365-w.... Additionally, if I understand your second question correctly, the EDR service is doing the vulnerability assessment. Please let me know if this answers your question