Microsoft Defender for Endpoint Updates Boost Visibility and Control

Microsoft has rolled out a new set of features and enhancements for Microsoft Defender for Endpoint this month. These updates expand its security, visibility, and management capabilities across enterprise environments.

Microsoft has introduced a new Library management experience in preview in the Defender portal. This new feature allows security analysts to view and manage files and scripts used during live response. Moreover, it provides access to a centralized list of all uploaded files and their properties. Analysts can upload, view, and delete artifacts outside an active live response session.

Effective settings tab now generally available

The new Effective settings tab under the device inventory Configuration management tab is generally available for commercial customers. It enables administrators to view the actual applied configuration values and the source of security settings on a device. This feature helps identify policy settings that failed to apply to reduce security gaps in device configuration.

Improved Device Vulnerabilities report experience

Microsoft has announced the general availability of an Improved Device Vulnerabilities report experience. This update removes the Vulnerable devices by Windows 10/11 version over time section. Moreover, the report’s filtering option has been simplified to only include the Device group filter. The historical data is now limited to 30 days to provide a cleaner and more relevant view.

“Vulnerable Components” page renamed to Software components

The “Vulnerable components” page is now called Software components. This change reflects expanded visibility in Defender Vulnerability Management into all software components identified across the organization.

Last but not least, Microsoft mentioned that the What’s New page is renamed New features in Microsoft Defender for Endpoint. It includes both new features and direct links to the most recent release notes. Moreover, release notes for all supported operating systems are now consolidated into one unified page. Microsoft notes that older release note pages now redirect to the consolidated view, which makes it easier to navigate updates across platforms.