The Microsoft 365 security center at security.microsoft.com combines security capabilities that protect, detect, investigate, and respond to email, collaboration, identity, and endpoint threats. We recently shared details about how we’re bringing together these existing product experiences and functionalities in our recent blog post.
As part of our investment in delivering world class SecOps experiences, we improved all of our threat and vulnerability management pages including: Dashboard, Recommendations, Remediation, Software inventory, Weaknesses, and Event timeline.
Going forward, all new threat and vulnerability management features will only be available in the new portal.
Here’s what you’ll see under the “Vulnerability management” section in the Microsoft 365 security center:
New look and feel (including new insights on the top of each page)
Recommendation side panel improvements
New side panel design
Lists of related device names and CVEs are in separate tabs with searchable items
Threat Analytics reports
New remediation request experience
All items are visible when you scroll (no more pagination)
Better search options
Let’s go through some of the changes in Microsoft 365 security in more detail.
The new vulnerability management Weaknesses page includes:
New insights on the top of the page: Including the number of exploitable vulnerabilities, critical vulnerabilities, and zero-day vulnerabilities.
New filter experience: See what filters are turned on above the list.
All items are now visible when you scroll: No more pagination.
Each recommendation in the Security recommendations page has a new side panel design with much more information:
Wider side panel has better visibility with more in-depth information. All items are visible and with no need to scroll.
Associated CVEs pivot, which is organized by severity.
List of “related threats” with Threat Analytics links to related articles.
All the lists are now shown in tabs, and each tab has its own search option.
Under the Related threatsheader within a security recommendation, you can find the related Threat Analytics articles and access them directly by clicking on the name:
In every tab within the security recommendation you can search for a specific item, such as a CVE or a device name, to check if the CVE or a device are applicable to this recommendation. The other option is to select the column header to sort the list:
Search for a device name in the Devices tab of the recommendation. There is also a “last seen” column for each device:
Selecting an activity in the Remediation activities tab of the recommendation will open a side panel with the remediation description, progress, and more. Previously, it directed you to another page:
To request remediation for a security recommendation, the Remediation request experience has been updated. Instead of a long form you need to scroll to fill out, there is a new wizard with step-by-step guidance:
On the Remediationpage in vulnerability management, you now have insights into how many activities past due:
The main Dashboard page has had some design changes, including the list of the top security recommendations:
Finally, all the TVM experiences are compliant to the accessibility standard called WCAG 2.1.
Microsoft Defender for Endpoint is an industry leading, cloud powered endpoint security solution offering vulnerability management, endpoint protection, endpoint detection and response, and mobile threat defense. With our solution, threats are no match. If you’re not yet taking advantage of Microsoft’s unrivaled threat optics and proven capabilities, sign up for a free Microsoft Defender for Endpoint trial today.
We’re excited to hear your feedback as you explore the unified portal and we will continue to update the documentation throughout the preview. Our mission is to empower you with the most unified extended detection and response (XDR) solution in the industry so that you can focus on what’s important: preventing and remediating threats.
To read more about the unified portal experience, check out: