We are excited to announce the release of Software Usage Insights within Microsoft Defender Vulnerability Management. Starting today, organizations who are leveraging Microsoft Defender Vulnerability Management can view the number of devices using specific Windows software and the median usage for the past 30 days to better inform organizations of the user impact if they want to block software or any vulnerable versions.
Before you start
To view software usage insights, you must have access to the Vulnerability management section of the Microsoft 365 Defender portal (security.microsoft.com). Learn more on how to Create and manage roles for role-based access control | Microsoft Docs
Usage insights are limited to supported Windows applications. This does not include usage related to operating systems and there may be situations where Microsoft does not have sufficient information about the application to make a usage calculation.
Daily usage insights
Today, vulnerability management shows the software installed in an organization, including any identified vulnerable versions. We recently enhanced the vulnerability management section of the Microsoft 365D portal to show the overall software usage for an application within the last 30 days. Software usage helps inform organizations of the user impact if they want to block software or any vulnerable versions. The daily software usage is calculated from process events collected by the core endpoint detection and response service and shown for any number of onboarded devices.
Software inventory view
Customers can view software usage by selecting an application in the Software inventory page, which then opens a detail pane where they can view data related to that software’s usage over the past 30 days.
Software page view
Customers can also view software usage for a specific application by opening the software page.
Additionally, by selecting the ‘Installed devices’ tab, customers can view the number of days the software has been used for each device that the software is currently installed on. The “Version distribution” tab in the software page will also display the software usage for each installed version of the application.
Security recommendations view
When reviewing security recommendations in your organization, software usage insights can be helpful to determine the overall impact of a vulnerability. Customers can now view usage for applications related to security recommendations.
We hope that these new insights combined with our threat & vulnerability data will help customers enhance their security posture and develop their application control strategies.