Premium capabilities in Microsoft Defender Vulnerability Management are now generally available
Published Mar 01 2023 08:00 AM


Misconfiguration exploits, a growing volume of vulnerabilities, lack of visibility, and a flood of duplicative recommendations continue to challenge security teams while exposing organizations to significant risks. Last year, we shared our strategy for Microsoft Defender Vulnerability Management to help you mitigate risks proactively at scale and bolster your threat prevention strategy. Today, we are thrilled to announce the general availability of premium capabilities in Microsoft Defender Vulnerability Management, a comprehensive solution that enables organizations to identify, assess, prioritize, and remediate their biggest risks across critical assets.


We are thankful to our public preview community members for their valuable feedback and continued partnership as we build a vulnerability management tool with a goal to help organizations reduce cyber risk with continuous vulnerability and misconfiguration assessment, risk-based prioritization, and built-in remediation tools.  


By shifting left and investing in a stronger security posture, organizations can more quickly and efficiently identify and address vulnerabilities, reduce the risk of security breaches, and minimize the impact of potential security incidents. Microsoft Defender Vulnerability Management simplifies your proactive protection so you can efficiently manage vulnerability and configuration risks in one place.


Frictionless vulnerability management

Deploying and managing agents can be cumbersome and agents can affect a machine’s performance. Defender Vulnerability Management leverages existing agents from Microsoft Defender for Endpoint, so Defender Vulnerability Management add-on customers do not need to deploy additional agents to access continuous discovery and assessments.


In an easy to use, unified platform, Defender Vulnerability Management helps you discover and assess your managed and unmanaged assets and understand your security posture at a glance. Focus on what matters in one platform experience where you can view your exposure score and understand recommended actions to be taken. 


Comprehensive assessments to uncover risks

Microsoft Defender Vulnerability Management has provided foundational vulnerability management capabilities such as device discovery, inventory and vulnerability and configuration assessments. Our new generally available premium capabilities provide advanced assessments to give in-depth visibility into the potential exposure to your assets. These premium capabilities include:

  • Security baselines assessment - customized profiles that you can create to assess and monitor endpoints against industry security benchmarks, such as CIS, STIG and Microsoft benchmarks. Instead of running never-ending compliance scans, monitor your organization’s security baselines seamlessly according to customized profiles.
  • Hardware and firmware assessment - full visibility into device manufacturer, processors, and BIOS information to assess vulnerabilities for hardware and firmware risks.
  • Digital certificates and browser extensions assessment - expand your asset coverage beyond devices and gain entity-level visibility into the various browser extensions and digital certificates installed across assets.
  • Network shares analysis - protect against misconfigurations used in the wild by attackers for lateral movement, reconnaissance, data exfiltration, and more.
  • Authenticated scans for vulnerability assessment - run scans on unmanaged devices by targeting them by IP range or hostname and accessing them remotely for vulnerability assessment.


Focus on what matters


Prioritization is a crucial aspect of effective vulnerability management. With the increasing number of vulnerabilities, you need to focus your time and resources on where it matters. A vital part of our foundational vulnerability management offerings, our context-aware, risk-based prioritization leverages Microsoft’s unmatched threat intelligence, breach likelihood predictions and business contexts to prioritize the biggest vulnerabilities on your most critical assets. Our risk-based prioritization enables you to make smarter decisions about which vulnerabilities to address first. We continue to invest in enhancing our risk-based prioritization for all Defender Vulnerability Management customers.


Track and mitigate vulnerability risks with ease


When you are ready to address vulnerabilities and misconfigurations, bridge the gap between IT and security and act swiftly to remediate risks with built-in workflows, block vulnerable apps, and seamlessly track progress across the organization with real-time measurements.

  • Seamlessly request remediations with workflows - Create a remediation task from a specific security recommendation and leverage integrations with Microsoft Intune.
  • Track and report on vulnerability management progress – Get a view that shows remediation process with data such as severity levels, exploit availability, vulnerability age, OS, or device group. Leverage APIs with rich data for custom reporting.  
  • Block vulnerable applications – In addition to the core remediation capabilities, proactively reduce risks with this premium capability by taking mitigation steps such as warning users or blocking known vulnerable versions of applications. Leverage software usage insights to understand the impact of the vulnerable application.


Microsoft Defender Vulnerability Management plans & availability

Microsoft Defender Vulnerability Management enables proactive protection across different domains including endpoints and cloud workloads. Take advantage of our premium vulnerability management capabilities through the following offerings:


  • For Microsoft Defender for Endpoint Plan 2 customers, seamlessly enhance your vulnerability management program with the Microsoft Defender Vulnerability Management Add-On without the need to install additional agents.
  • For Microsoft Defender for Cloud customers, Defender Vulnerability Management is natively integrated within Defender for Cloud to perform vulnerability assessments for cloud-based virtual machines, and recommendations automatically populate in the Defender for Cloud portal. Microsoft Defender for Servers Plan 2 includes access to premium capabilities; read more here.
  • For customers who do not use Defender for Endpoint Plan 2, complement your existing EDR solution with the Microsoft Defender Vulnerability Management Standalone, currently available for a free trial while in public preview.

Read more about our plans and capabilities here.


We’re excited to continue delivering innovations with expanded coverage and new capabilities in both our core and premium vulnerability management offerings for you.


Learn more

If you’re interested in learning more about Microsoft Defender Vulnerability Management, visit our website to take advantage of our free 90-day trial, check out our interactive guide, and read more in our product documentation.

