Risk-based vulnerability management
Reduce risk with continuous vulnerability assessment, risk-based prioritization, and remediation.
Help reduce cybersecurity risk
Learn how our discovery tools, asset inventories, threat intelligence, and built-in workflows help security teams reduce risk.
Key capabilities
Proactively reduce risk to your organization with Defender Vulnerability Management.
Compare plans in preview
Add-on for Defender for Endpoint P2 & E5 customers
Microsoft Defender Vulnerability Management Add-on
Defender for Endpoint Plan 2 and E5 customers can add new advanced vulnerability management tools to their existing subscription with the Defender Vulnerability Management Add-on.
Key capabilities:
- Unified security tools and centralized management
- Discovery of unmanaged and managed devices
- Inventory of managed devices
- Inventory of network devices
- Security baseline assessment
- Authenticated scans for Windows devices
- Browser plug-ins assessment
- Digital certificates assessment
- Network shares analysis
- Block vulnerable applications
Available for all customers
Microsoft Defender Vulnerability Management Standalone
Includes all the capabilities in the Defender Vulnerability Management Add-on, PLUS:
- Vulnerability assessment
- Configuration assessment
- Continuous monitoring
- Threat analytics and threat intelligence
- Risk-based prioritization
- Remediation tracking
Related products
Microsoft Defender for Endpoint
Defender for Endpoint delivers leading endpoint security to rapidly stop attacks, scale your security resources, and evolve your defenses.
Microsoft Secure Score
Microsoft Secure Score provides visibility, assessment, and intelligent guidance to strengthen your security.
Microsoft Defender for Servers
Defender for Servers is a workload protection plan that provides advanced threat protection for servers running in Azure, AWS, GCP, and on premises.
Documentation and latest updates
Defender Vulnerability Management documentation
Learn about each capability in depth and how it can help you protect your organization.
Download the solution brief
Explore how Defender Vulnerability Management helps discover, assess, and remediate risk.
Latest updates
Learn about the latest innovations in vulnerability management from Microsoft.
Defender Vulnerability Management delivers asset visibility, intelligent assessments, and built-in remediation tools for Windows, macOS, Linux, Android, iOS, and network devices to prioritize and address critical vulnerabilities and misconfigurations across your organization. It provides continuous monitoring and alerts through the agent-based module built into devices and authenticated scanning. Using Microsoft threat intelligence, breach likelihood predictions, business contexts, and device assessments. Defender Vulnerability Management rapidly and continuously prioritizes the biggest vulnerabilities on your most critical assets and provides security recommendations to mitigate risk. Automated remediation tools, built-in workflows, and real-time measurements through your organization’s exposure score, Microsoft Secure Score for Devices, and security baseline assessment empower teams to bridge workflow gaps, quickly reduce risk, and track progress across the organization.