As Microsoft Defender for Endpoint evolves, we are continuously expanding threat and vulnerability management to cover additional devices, OS platforms, and channels to inform customers. Today, we’re excited to share the latest updates.
Threat and vulnerability management for macOS is now generally available
Vulnerability assessment for macOS devices is now generally available to all customers. This capability expansion enables organizations to discover, prioritize, and remediate both software and operating system vulnerabilities on devices running macOS.
After onboarding your macOS devices to Microsoft Defender for Endpoint, you'll get the latest security recommendations, review recently discovered vulnerabilities in installed applications, and issue remediation tasks, just like you can with Windows devices.
Support for Windows 8.1 devices in public preview
As we continue to enrich threat and vulnerability management with new features and capabilities, we are committed to help all customers running a variety of platforms to protect their organizations and resolve vulnerabilities.
We’re excited to announce that we're extending vulnerability assessment and security configuration assessment capabilities to devices running the Windows 8.1 operating system. This has been an ask from some of our top customers and we’re happy to be able to deliver the capability. In public preview as of today, customers will see Windows 8.1 devices contribute to Microsoft Secure Score for Devices and be included in threat and vulnerability dashboards such as Security recommendations, Software inventory, Remediation, Weaknesses, and Event timeline. Windows 8.1 devices will be included in prioritized recommendations and customers can kick off remediation actions like they can with Windows 10 devices. You can see detailed information about threat and vulnerability management support for operating systems versions and platforms in the documentation.
To get started with Microsoft Defender for Endpoint public preview capabilities, we encourage customers to turn on preview features in Microsoft Defender Security Center.
Introducing email notifications for vulnerability events in public preview
Security admins need to stay up to date on the exposure level of their organization and be informed of any new threat that affects the security posture and compliance of their devices.
Threat and vulnerability management continuously monitors your devices and provides real-time information on new threats affecting your organization. These vulnerable events, like new public exploits, are available today through the recently added Event timeline feature.
We’ve introduced the ability to set up email notification rules in threat and vulnerability management, so that all appropriate stakeholders will immediately be informed of these new vulnerability events by email.
Follow these steps to create an email notification rule:
Set the vulnerability events that trigger notifications and specify device groups.
Add specific recipients who’ll be informed immediately when vulnerability events occur so they can act accordingly.
Recipients who receive the email notification can view basic information about the vulnerability event. There will also be links to filtered views of the threat and vulnerability management Security recommendations and Weaknesses pages so they can further investigate. For example, they could get a list of all exposed devices or get additional details about the vulnerability.
Threat and vulnerability management takes a disruptive, risk-driven approach to help organizations reduce and remediate software vulnerabilities and system misconfigurations. Threat and vulnerability management is one of many Microsoft Defender for Endpoint capabilities that empowers organizations to reduce their cybersecurity threat exposure and accelerate the maturity of their vulnerability management program.