Organizations are increasingly challenged to stay aligned with evolving business requirements and protect against expanding attack surfaces with a diverse portfolio of devices outside of traditional organizational boundaries, adding complexity to the vulnerability management process. Vulnerability management solutions provide understanding of their overall security risk posture and where to prioritize.
In recent years, Microsoft has established itself as a leading solution for vulnerability risk management (VRM) by leveraging its industry-leading threat intelligence and security expertise. Microsoft Defender Vulnerability Management provides end-to-end capabilities across the VRM lifecycle to identify, assess, prioritize, and remediate vulnerabilities, making it an ideal tool for managing an expanded attack surface and reducing overall risk posture.
Earlier this year we released our premium capabilities as an add-on to the core capabilities included with Defender for Endpoint Plan 2 and we are thrilled to announce Defender Vulnerability Management is now offered as a standalone solution. Now organizations not yet on Defender for Endpoint Plan 2, or have another EDR solution, or just looking to replace an existing vulnerability management solution, can take advantage of our context-aware, risk-based prioritization that leverages Microsoft’s unmatched threat intelligence, breach likelihood predictions and business contexts to prioritize vulnerabilities across their portfolio of managed and unmanaged devices.
With this significant addition of a standalone offering, we also introduced enhancements to the Microsoft 365 Defender Unified RBAC permissions model to clearly associate relevant roles & permissions with Defender Vulnerability Management (this change will not affect existing roles).
Figure: Core and premium capabilities in standalone offer
Defender Vulnerability Management premium capabilities provide advanced assessments with in-depth visibility into potential exposure to your assets:
Defender Vulnerability Management capabilities are integrated into Defender for Endpoint and Defender for Cloud enabling security teams to assess their exposure and address changes to improve security posture of your organization. You now have flexibility in our offering across endpoints and servers. More info on our updated website.
Figure: Availability of Core and premium capabilities across offerings that include Defender Vulnerability Management for endpoints and servers.
Your needs for vulnerability assessments and analysis spans platforms, clouds and modalities and our strategy for Defender Vulnerability Management is to support these environments that span multiple platforms across both on-premises and cloud. We have recently added Fortinet to the network devices and container support is our second big news.
With the rise of containerization and microservices, it's more important than ever to secure the software supply chain and ensure that container images are free from vulnerabilities.
Today, as a result of Defender for Cloud’s integration with Microsoft Defender Vulnerability Management, we are excited to announce the general availability of agentless container posture management in Defender CSPM and the public preview of vulnerability assessment scanning for container images in Defender for Containers.
These new container vulnerability assessment capabilities powered by Defender Vulnerability Management include:
To help proactively strengthen the security posture of your containerized environments, Defender CSPM provides a new vulnerability assessment offering for containers powered by Defender Vulnerability Management, with near real-time scans of new images, daily report refreshes, and real-world exploitability insights. Vulnerabilities are added to Defender CSPM security graph for contextual risk assessment and calculation of attack paths. Customers can now access out-of-the-box container vulnerability assessments that, combined with attack path analysis and agentless discovery of the Kubernetes estate, enable security teams to hunt for risks with the cloud security explorer and prioritize the vulnerabilities that pose the greatest risks to the organization. This agentless approach allows security teams to gain visibility into their Kubernetes and containers registries across the SDLC, removing friction and footprints from the workloads.
Figure Attack path analysis outlining a containerized application publicly exposed with high severity vulnerabilities discovered using Defender Vulnerability Management
In providing comprehensive cloud workload protection, Defender for Containers’ new integration with Defender Vulnerability Management now provides our customers with vulnerability assessments through one-click enablement, near real-time scan of new images, and daily result refreshes of current and emerging vulnerabilities enriched with exploitability insights - all to help organizations focus on vulnerabilities with the greatest security impact to their organization.
New vulnerability assessment recommendation powered by Defender Vulnerability Management
Enable Container vulnerability assessments powered by Defender Vulnerability Management in one click here.
If you’re interested in learning more about Defender Vulnerability Management visit our website for updated pricing and packaging and datasheet. Read more about our plans and capabilities here. To take advantage of our free 90-day trial, check out our interactive guide, and read more information in our product documentation.
For additional information and other relevant updates on protecting cloud workloads please visit the Microsoft Defender for Cloud blog.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.