Effectively identifying, assessing, and remediating endpoint weaknesses is pivotal in running a healthy security program and reducing organizational risk. Threat & Vulnerability Management is an infrastructure for reducing organizational exposure, hardening endpoint surface area, and increasing organizational resilience.
It helps organizations discover vulnerabilities and misconfigurations in real time, based on sensors, without the need for agents or periodic scans. It prioritizes vulnerabilities based on the threat landscape, detections in your organization, sensitive information on vulnerable devices, and business context.
Threat & Vulnerability Management is built-in, real-time, cloud-powered, and fully integrated with the Microsoft endpoint security stack, the Microsoft Intelligent Security Graph, and the application analytics knowledge base.
It is the first solution in the industry to automate the remediation process through integration with Microsoft Intune and Microsoft System Center Configuration Manager (SCCM) for patching, configuration changes, or upgrades.
To discover endpoint vulnerabilities and misconfigurations, Threat & Vulnerability Management uses the same agentless built-in Microsoft Defender ATP sensors to reduce cumbersome network scans and IT overhead, and provides:
- Real-time device inventory – Devices onboarded to Microsoft Defender ATP automatically report and push vulnerability and security configuration data to the dashboard.
- Visibility into software and vulnerabilities – Optics into the organization’s software inventory, as well as software changes like installations, uninstallations, and patches. Newly discovered vulnerabilities are reported with actionable mitigation recommendations for first- and third-party applications.
Threat & Vulnerability Management helps customers prioritize and focus on those weaknesses that pose the most urgent and the highest risk to the organization. Rather than using static prioritization by severity scores, Threat & Vulnerability Management in Microsoft Defender ATP highlights the most critical weaknesses that need attention by fusing its security recommendations with dynamic threat and business context:
Microsoft Defender ATP’s Threat & Vulnerability Management permits security administrators and IT administrators to collaborate seamlessly to remediate problems.
One-click remediation requests to IT. Through Microsoft Defender ATP’s integration with Microsoft Intune and System Center Configuration Manager (SCCM), security administrators can create a remediation task in Microsoft Intune with one click.
Microsoft strives to meet four key security needs:
- Identity and access management – Ensure accounts are authenticated prior to granting access to mission-critical data.
- Threat protection – Protect the network by detecting suspicious behavior and malicious activities, then responding to breaches quickly.
- Information protection – Easily implement flexible data classification methods based on cybersecurity needs.
- Security management – Get the full picture of the agency’s security posture with built-in intelligence and recommendations.