Microsoft is releasing a public preview of Microsoft Defender Vulnerability Management, a new single solution that includes Microsoft’s full set of vulnerability management capabilities to help companies mitigate software bugs more easily.
According to Microsoft, the new Defender feature builds on core threat and vulnerability management tools launched in 2019, including threat and vulnerability management features in Microsoft Defender Advanced Threat Protection.
Microsoft Defender Vulnerability Management will be available in public preview as both a standalone and as an add-on for Microsoft Defender for Endpoint Plan 2 customers, the Redmond, Wash. company says in a Tech Community blog.
Microsoft says Defender Vulnerability Management features Microsoft’s full suite of vulnerability management capabilities, as well as consolidated asset inventories, expanded coverages and other new capabilities. Those new capabilities include security baseline assessments, browser extension assessments, digital certificate assessments, network shares analysis, blocking vulnerable applications and vulnerability assessment for unmanaged endpoints.
“For customers looking for a proactive, risk-based vulnerability management solution, Microsoft Defender Vulnerability Management helps you efficiently discover, assess, and remediate vulnerabilities and misconfigurations in one place,” Microsoft says. “Get continuous asset visibility, consolidated inventories, intelligent assessment tools, risk-based prioritization, and built-in remediation workflows.”
For current Defender for Endpoint Plan 2 customers, the add-on option can enhance their vulnerability management program with consolidated inventories, expanded asset coverage, cross-platform support and new assessment and mitigation tools. It also retains existing vulnerability management tools currently generally available, including device discovery and inventory, vulnerability assessments, configuration assessments, continuous monitoring, threat analytics and intelligence, risk-base prioritization and remediation tracking.
Currently, security baseline assessments to proactively manage an organization’s security posture, browser extension inventory and assessments, and digital certificate inventory and assessments, and network shares analysis are currently available via the public preview.
The ability to block vulnerable applications while they are being remediated is currently in beta. This allows admins to block specific versions of applications for certain device groups that are known to contain vulnerabilities. Admins can also view devices impacted by the security bug, view file indicators created by the mitigation and export the full list of SHA 256 indicators created by a mitigation for reporting and validation.
Coming soon is a vulnerability assessment tool for unmanaged endpoints that remotely scans unmanaged Windows devices for vulnerabilities and targets the devices by IP or range. Admins can use the tool to provide posture assessments of unmanage devices and newly discovered unmanaged endpoints.
Read the company’s blog for more information about how to sign up for the public preview.