Microsoft Defender Vulnerability Management Gets New Tool to Target Vulnerable Software Components


Key Takeaways:

  • Microsoft’s new Vulnerable Components Inventory feature provides IT admins with a comprehensive tool to identify and manage vulnerabilities within their software components.
  • This integration enhances the organization’s ability to discover, prioritize, and remediate security threats.
  • Microsoft plans to expand the coverage for software components to ensure robust protection against emerging risks.

Microsoft has released a new dedicated inventory in public preview for its Defender Vulnerability Management solution. The new Vulnerable Components Inventory feature allows IT administrators to actively detect and address known vulnerabilities in software components used within their enterprise environments.

Microsoft Defender Vulnerability Management is a security solution that enables organizations to discover, prioritize, and remediate security threats and misconfigurations across endpoints and cloud workloads. The service provides integration with the Endpoint Detection and Response (EDR) solution and offers other security capabilities such as application block, threat intelligence, and agent-based or agentless scanning.

The Vulnerable Components Inventory feature enables IT administrators to proactively identify affected devices, prioritize security risks, and take measures to mitigate them. It is designed to enhance the overall security posture and prevent cyberattacks. This inventory includes a comprehensive list of software components that have a history of critical vulnerabilities.

Currently, the Vulnerable Components Inventory feature supports various components, such as Apache Log4j, Apache Commons Text, Apache Struts, WebP (libwebp), OpenSSL, Spring Framework, and LiteDB. Security teams can view basic information for each vulnerable component, including its name, vendor, active threats or alerts, and the impact on the overall exposure score. Microsoft is actively working to expand the coverage of software components to adapt to the changing threat landscape.

How to navigate to the vulnerable components page

To open the vulnerable components page, IT admins will need to head over to the Microsoft Defender portal. Then, select Vulnerability management > Inventories, and click the Vulnerable components tab.

Microsoft has emphasized that supply chain attacks pose a significant threat to enterprise customers. This is largely due to the reliance of software developers on open-source packages and commercial third-party software components.

The new Vulnerable Components Inventory feature should streamline the process of identifying vulnerabilities within open-source software components and their dependencies. These actionable insights enable administrators to implement mitigations in order to minimize associated risks.