Microsoft Defender Vulnerability Management Adds New Premium Capabilities to Uncover Security Risks

Microsoft has released an update that brings new premium capabilities for Microsoft Defender Vulnerability Management. The new security features provide comprehensive assessments to help IT admins track and mitigate security risks in their most critical assets.

Microsoft Defender Vulnerability Management is a security tool that uses AI to detect, analyze, prioritize, and fix vulnerabilities in enterprise networks. It provides a centralized dashboard and automated patch management capabilities that make tracking and managing known vulnerabilities easier.

With this release, IT admins can use customized profiles to analyze and monitor all endpoints against STIG, CIS, and other industry security benchmarks. The security baselines assessment helps to detect changes in real time and eliminates the need to run time-consuming compliance scans.

“Microsoft Defender Vulnerability Management has provided foundational vulnerability management capabilities such as device discovery, inventory and vulnerability and configuration assessments. Our new generally available premium capabilities provide advanced assessments to give in-depth visibility into the potential exposure to your assets,” Microsoft explained.

The Microsoft Defender Vulnerability Management hardware and firmware assessment provides details about the device manufacturer, processors, and BIOS information. It should help to protect customers against increasing hardware and firmware-level attacks. Moreover, the network share configuration assessment aims to ensure secured access to files and folders shared with people on the network.

The authenticated scan feature enables IT admins to run scans on unmanaged Windows devices and mitigate software vulnerabilities. It’s also possible to gain entity-level visibility into digital certificates and browser extensions installed across endpoints within the organization.

Microsoft Defender Vulnerability Management can now block vulnerable applications

Microsoft has recently introduced a new feature that enables customers to block known vulnerable versions of applications. Once enabled, end users will see a notification informing them that the vulnerable app has been blocked on their Windows device. However, users will be able to click the “Allow” button to open the application.

Figure: Application block

Microsoft notes that the new premium capabilities are available for Microsoft Defender for Cloud and Microsoft Defender for Endpoint Plan 2 customers. However, organizations that don’t have a Defender for Endpoint Plan 2 subscription can use the Microsoft Defender Vulnerability Management Standalone solution with their existing EDR tools.