Microsoft Defender Vulnerability Management Preview

Reduce cybersecurity risk with continuous vulnerability discovery and assessment, risk-based prioritization, and remediation.

Risk-based vulnerability management

Reduce risk with continuous vulnerability assessment, risk-based prioritization, and remediation.

Know what to protect

Discover and assess all your organization’s assets in a single view. Eliminate periodic scans with continuous monitoring and alerts. Detect risk even when devices are not connected to the corporate network.

Get advanced assessment tools

Understand your cyberexposure and relevant threat and business contexts in one place. Proactively prevent breaches with risk assessments using Microsoft benchmarks and industry standards, including CIS and STIG.

Prioritize what’s important

Quickly remediate the biggest vulnerabilities on your most critical assets. Prioritize risks using Microsoft threat intelligence, likelihood predictions, business contexts, and device reports.

Remediate and track progress

Bridge the gap between security and IT teams. Help reduce risk with automated remediation tools, including blocking of vulnerable apps, built-in workflows, and real-time measurements to seamlessly track progress across the organization.

Help reduce cybersecurity risk

Learn how our discovery tools, asset inventories, threat intelligence, and built-in workflows help security teams reduce risk.

Key capabilities

Proactively reduce risk to your organization with Defender Vulnerability Management.

Device inventory showing a list of computers and mobile phones in Microsoft 365 Defender.

Asset discovery and inventory

Detect risk across managed and unmanaged endpoints with built-in-modules and agentless scanners, even when devices aren’t connected to the corporate network.

Software inventory showing a list of applications in Microsoft 365 Security.

Continuous vulnerability and misconfiguration assessments

Eliminate periodic scans and access entity-level inventories of devices, software, digital certificates, and browser extensions.

A baseline compliance overview in Microsoft 365 Security.

Security baseline assessment

Continuously assess endpoints and customize profiles against Microsoft benchmarks and industry standards, including CIS and STIG.

A list of weaknesses and vulnerabilities found in Microsoft 365 Security.

Expert-level threat monitoring and analysis

Use Microsoft threat intelligence, breach likelihood analysis, business contexts, and endpoint assessments to understand and prioritize vulnerabilities.

A list of security recommendations in Microsoft 365 Security.

Prioritized security recommendations

Focus on threats that pose the highest risk with a single view of prioritized recommendations from multiple security feeds.

A list of remediation activities in Microsoft 365 Security.

Block vulnerable applications

Proactively block known vulnerable versions of apps or warn users with customized desktop alerts.

A list of blocked apps in Microsoft 365 Security.

Seamlessly remediate and track progress

Connect teams with built-in workflows and integrations. Track progress and trends in real time with remediation tracking and device reports.

Device inventory showing a list of computers and mobile phones in Microsoft 365 Defender.

Asset discovery and inventory

Detect risk across managed and unmanaged endpoints with built-in-modules and agentless scanners, even when devices aren’t connected to the corporate network.

Software inventory showing a list of applications in Microsoft 365 Security.

Continuous vulnerability and misconfiguration assessments

Eliminate periodic scans and access entity-level inventories of devices, software, digital certificates, and browser extensions.

A baseline compliance overview in Microsoft 365 Security.

Security baseline assessment

Continuously assess endpoints and customize profiles against Microsoft benchmarks and industry standards, including CIS and STIG.

A list of weaknesses and vulnerabilities found in Microsoft 365 Security.

Expert-level threat monitoring and analysis

Use Microsoft threat intelligence, breach likelihood analysis, business contexts, and endpoint assessments to understand and prioritize vulnerabilities.

A list of security recommendations in Microsoft 365 Security.

Prioritized security recommendations

Focus on threats that pose the highest risk with a single view of prioritized recommendations from multiple security feeds.

A list of remediation activities in Microsoft 365 Security.

Block vulnerable applications

Proactively block known vulnerable versions of apps or warn users with customized desktop alerts.

A list of blocked apps in Microsoft 365 Security.

Seamlessly remediate and track progress

Connect teams with built-in workflows and integrations. Track progress and trends in real time with remediation tracking and device reports.

What customers and partners are saying

Compare plans in preview

Add-on for Defender for Endpoint P2 & E5 customers

Microsoft Defender Vulnerability Management Add-on

Defender for Endpoint Plan 2 and E5 customers can add new advanced vulnerability management tools to their existing subscription with the Defender Vulnerability Management Add-on.


Key capabilities:

  • Unified security tools and centralized management
  • Discovery of unmanaged and managed devices
  • Inventory of managed devices
  • Inventory of network devices
  • Security baseline assessment
  • Authenticated scans for Windows devices
  • Browser plug-ins assessment
  • Digital certificates assessment
  • Network shares analysis
  • Block vulnerable applications

Available for all customers

Microsoft Defender Vulnerability Management Standalone

Includes all the capabilities in the Defender Vulnerability Management Add-on, PLUS:
 

  • Vulnerability assessment
  • Configuration assessment
  • Continuous monitoring
  • Threat analytics and threat intelligence
  • Risk-based prioritization
  • Remediation tracking

Related products

Microsoft Defender for Endpoint

Defender for Endpoint delivers leading endpoint security to rapidly stop attacks, scale your security resources, and evolve your defenses.

Microsoft Secure Score

Microsoft Secure Score provides visibility, assessment, and intelligent guidance to strengthen your security.

Microsoft Defender for Servers

Defender for Servers is a workload protection plan that provides advanced threat protection for servers running in Azure, AWS, GCP, and on premises.

Get started

Explore all modern vulnerability management capabilities from Microsoft with a free trial.

Defender Vulnerability Management delivers asset visibility, intelligent assessments, and built-in remediation tools for Windows, macOS, Linux, Android, iOS, and network devices to prioritize and address critical vulnerabilities and misconfigurations across your organization. It provides continuous monitoring and alerts through the agent-based module built into devices and authenticated scanning. Using Microsoft threat intelligence, breach likelihood predictions, business contexts, and device assessments. Defender Vulnerability Management rapidly and continuously prioritizes the biggest vulnerabilities on your most critical assets and provides security recommendations to mitigate risk. Automated remediation tools, built-in workflows, and real-time measurements through your organization’s exposure score, Microsoft Secure Score for Devices, and security baseline assessment empower teams to bridge workflow gaps, quickly reduce risk, and track progress across the organization.