The Microsoft 365 security center at security.microsoft.com combines security capabilities that protect, detect, investigate, and respond to email, collaboration, identity, and endpoint threats. We recently shared details about how we’re bringing together these existing product experiences and functionalities in our recent blog post.
As part of our investment in delivering world class SecOps experiences, we improved all of our threat and vulnerability management pages including: Dashboard, Recommendations, Remediation, Software inventory, Weaknesses, and Event timeline.
Going forward, all new threat and vulnerability management features will only be available in the new portal.
Here’s what you’ll see under the “Vulnerability management” section in the Microsoft 365 security center:
Let’s go through some of the changes in Microsoft 365 security in more detail.
The new vulnerability management Weaknesses page includes:
Each recommendation in the Security recommendations page has a new side panel design with much more information:
Under the Related threats header within a security recommendation, you can find the related Threat Analytics articles and access them directly by clicking on the name:
In every tab within the security recommendation you can search for a specific item, such as a CVE or a device name, to check if the CVE or a device are applicable to this recommendation. The other option is to select the column header to sort the list:
Search for a device name in the Devices tab of the recommendation. There is also a “last seen” column for each device:
Selecting an activity in the Remediation activities tab of the recommendation will open a side panel with the remediation description, progress, and more. Previously, it directed you to another page:
To request remediation for a security recommendation, the Remediation request experience has been updated. Instead of a long form you need to scroll to fill out, there is a new wizard with step-by-step guidance:
On the Remediation page in vulnerability management, you now have insights into how many activities past due:
The main Dashboard page has had some design changes, including the list of the top security recommendations:
Finally, all the TVM experiences are compliant to the accessibility standard called WCAG 2.1.
Are you ready? If you’ve enabled public preview features, you can check out the new threat and vulnerability management experiences in the unified portal today! If not, we encourage you to turn on preview features for Microsoft Defender for Endpoint to get access to the newest capabilities. These features can be turned on in the Microsoft Defender Security Center or the Microsoft 365 security center. In addition, we recommend you learn about how to redirect accounts from Microsoft Defender for Endpoint to the Microsoft 365 secur....
Microsoft Defender for Endpoint is an industry leading, cloud powered endpoint security solution offering vulnerability management, endpoint protection, endpoint detection and response, and mobile threat defense. With our solution, threats are no match. If you’re not yet taking advantage of Microsoft’s unrivaled threat optics and proven capabilities, sign up for a free Microsoft Defender for Endpoint trial today.
We’re excited to hear your feedback as you explore the unified portal and we will continue to update the documentation throughout the preview. Our mission is to empower you with the most unified extended detection and response (XDR) solution in the industry so that you can focus on what’s important: preventing and remediating threats.
To read more about the unified portal experience, check out:
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.