I’m excited to announce that Microsoft’s Threat & Vulnerability Management solution is generally available as of June 30! We have been working closely with customers for more than a year to incorporate their real needs and feedback to better address vulnerability management. Our goal is to empower defenders with the tools they need to better protect against evolving threats, and we believe this solution will help provide that additional visibility and agility they need.
Threat & Vulnerability Management (TVM) is a built-in capability in Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) that uses a risk-based approach to discover, prioritize, and remediate endpoint vulnerabilities and misconfigurations. With Microsoft Defender ATP’s Threat & Vulnerability Management, customers benefit from:
- Continuous discovery of vulnerabilities and misconfigurations
- Prioritization based on business context and dynamic threat landscape
- Correlation of vulnerabilities with endpoint detection and response (EDR) alerts to expose breach insights
- Machine-level vulnerability context during incident investigations
- Built-in remediation processes through unique integration with Microsoft Intune and Microsoft System Center Configuration Manager
Traditional vulnerability scanning only happens periodically, leaving organizations with security blind spots between scans. The one-size-fits-all approach that these traditional solutions use ignores critical business-specific context, as well as the dynamic threat landscape. This is coupled with the fact that mitigation of vulnerabilities is a manual process, often across teams, that can take days, weeks, or months to complete. This leaves a window of opportunity for attackers and puts our defenders in a tough spot.
To address these challenges Microsoft partnered with a dozen enterprise customers on the design and creation of this new Threat & Vulnerability Management solution. One of them is Telit, a global leader in IoT enablement offering end-to-end IoT solutions, including enterprise-grade hardware, connectivity, platform, and consulting services. Telit already had a well-defined vulnerability management program in place, but said they were missing several critical capabilities, including visibility, prioritization, and remediation.
Our design partners play a key role throughout the entire process, from planning and building to operationalizing and maturing the product so we can deliver the best experience. Many of our customers have existing vulnerability management programs, so we knew that to have them switch to Microsoft we would need a disruptive approach to vulnerability management. From private preview to general availability and beyond, our key goals were to bridge the gap between Security and IT roles in threat protection, to reduce time to threat resolution while enabling real-time prioritization and risk reduction based on the evolving threat landscape and business context. The team continues to incorporate feedback from customers and partners, adding these new capabilities on a monthly basis.
“Telit’s previous threat and vulnerability solutions were limited to on-premises connected endpoints. Moving to Microsoft’s TVM cloud-based solution provides us much better visibility into roaming endpoints with a continuous assessment, especially when our endpoints are connected to untrusted networks.”
— Itzik Menashe, VP of IT & Information Security, Telit
Working together with Telit, we quickly understood that the current prioritization norm is not enough to properly reduce risk in an organization. We consulted with our partners on a new risk-based approach, which is focused on continuous discovery of vulnerabilities and misconfigurations and correlated those insights with context specific to their business and the dynamic threat landscape.
Microsoft’s built-in, end-to-end remediation process helps Telit bridge the gap between their security and operations teams. The unique integration with Microsoft Intune allows their security team to create remediation requests with a click of a button, and the operations team receives the requests automatically with all relevant information and can start the remediation process right away. The security team can then watch their exposure score drop in real time as remediation progresses.
“Microsoft’s TVM provides Telit with an easy-to-use solution that incorporates strong discovery capabilities, a risk-based approach to prioritization, and an effective remediation process. With this solution we are able to cover a large number of endpoints using a very small team of security engineers.”
— Mor Asher, Global IT and Information Security Manager, Telit
The product experience and ease of implementation was a big driver for Telit and thousands of other active customers to start using Microsoft Defender ATP Threat & Vulnerability Management. Telit had Microsoft Defender ATP’s TVM up and running within seconds.
To learn more about threat and vulnerability management watch our video that walks you through the experience.
We’re excited for our customers to evaluate this new solution and are looking forward to continued feedback.