Forum Discussion

danjomartinz's avatar
danjomartinz
Copper Contributor
Jan 04, 2024

How To Access Vulnerability And Compliance Data For MDI

Hello,

 

I am trying to understand how I can access vulnerability specific data just for MDI. I am not that interested in alerts or incidents. Examples of data I am interested in would be known vulnerabilities, misconfigurations, and weaknesses within Active Directory and Azure Active Directory.

 

So far looking at the MS Defender console the data to me looks pretty scattered. The most interesting location I have found looks to be the general "Secure score" and then filter on "Identity". However, I only see 35 items listed there. I am not sure if I am looking at the correct location or I am doing something wrong. I have not found a lot of documentation on Identity from more of a vulnerability management perspective. Not sure if someone out there can provide some guidance?

 

Regards,

Joe

  • LeonPavesic's avatar
    LeonPavesic
    Silver Contributor
    Jan 05, 2024

    Hi danjomartinz,

    To retrieve vulnerability-specific data for Microsoft Defender for Identity (MDI), you can utilize the Microsoft Secure Score.
    Microsoft Secure Score | Microsoft Learn
    Here are the steps:

    1. Navigate to the Microsoft Secure Score dashboard.
    2. Choose the Recommended actions tab.
    3. You can either search for a specific recommended action or apply filters, such as the Identity category.
    4. For more detailed information, select the assessment.

    These assessments offer insights into detections and contextual data regarding known exploitable components and misconfigurations, providing relevant paths for remediation.
    They also enable active monitoring for on-premises identities and identity infrastructure.


    Here is a list outlining the 16 most common AD vulnerabilities and misconfigurations.
    www.infosecmatter.com

    For a more comprehensive understanding of vulnerability management, the OWASP Vulnerability Management Guide can be valuable.
    It provides practical information on pentesting Active Directory environments, listing common AD vulnerabilities and misconfigurations.
    owasp.org


    Please click Mark as Best Response & Like if my post helped you to solve your issue.
    This will help others to find the correct solution easily. It also closes the item.


    If the post was useful in other ways, please consider giving it Like.


    Kindest regards,


    Leon Pavesic
    (LinkedIn)

Resources