Microsoft Introduces Device Vulnerability Report in Defender for Endpoint
Microsoft this week announced the availability of a new vulnerability management report in Microsoft Defender, to provide information on vulnerable devices.
The new built-in report complements existing Microsoft Defender for Endpoint (previously known as Microsoft Defender Advanced Threat Protection) threat and vulnerability management capabilities and is catered for those looking to gain insights on devices that pose potential risks due to unpatched vulnerabilities. The feature is currently in preview version.
“The Vulnerable devices report provides extensive insights into your organization’s vulnerable devices with summaries of the current status and customizable trends over time,” Microsoft explains.
Within the report, organizations can access information on the vulnerability security levels of devices, availability of exploits for devices with vulnerabilities, and the age of unpatched security flaws, as well as a list of vulnerable devices, organized by operating system or by Windows 10 version.
Both graphs and bar charts are available in the report, to deliver information on device trends (allows selection of multiple time ranges) and current statistics (only information for the current day).
Data can be filtered based on vulnerability severity or age, availability of exploits, device group, or platform. Additional information can be accessed through selecting a specific bar chart.
According to Microsoft, in each specific graph, devices are only counted once.
The new report is available in the Microsoft Defender Security Center and can be accessed from Reports > Vulnerable devices, but only for those organizations that have the public preview feature enabled.
“This preview version is provided without a service level agreement, and it’s not recommended for production workloads. Certain features might not be supported or might have constrained capabilities,” Microsoft notes.