Previously, the service was only accessible as part of Microsoft Defender for Endpoint, a comprehensive endpoint security solution that includes threat detection, investigation, response and remediation capabilities.
However, Microsoft recognized that some customers may want to use the vulnerability management service separately from the endpoint protection features, especially if they already have other security solutions in place.
Microsoft Defender Vulnerability Management is a service that helps organizations discover, prioritize, and remediate security vulnerabilities across their IT assets. According to Microsoft, the standalone service provides the same benefits as the integrated one.
Features in Microsoft Defender Vulnerability Management
- “Security baselines assessment – customized profiles that you can create to assess and monitor endpoints against industry security benchmarks, such as CIS, STIG and Microsoft benchmarks. Instead of running never-ending compliance scans, monitor your organization's security baselines seamlessly according to customized profiles.
- Block vulnerable applications – In addition to the core remediation capabilities, proactively reduce risks with this premium capability by taking mitigation steps such as warning users or blocking known vulnerable versions of applications. Leverage software usage insights to understand the impact of the vulnerable application.
- Hardware and firmware assessment – full visibility into device manufacturer, processors, and BIOS information to assess vulnerabilities for hardware and firmware risks.
- Digital certificates and browser extensions assessment – expand your asset coverage beyond devices and gain entity-level visibility into the various browser extensions and digital certificates installed across assets.
- Network shares analysis – protect against misconfigurations used in the wild by attackers for lateral movement, reconnaissance, data exfiltration, and more.
- Authenticated scans for vulnerability assessment – run scans on unmanaged devices by remotely targeting by IP ranges or hostnames to remotely access the devices for vulnerability assessment purposes.”
The standalone service also supports hybrid environments, meaning that customers can use it to monitor both their on-premises and cloud-based assets. Microsoft says the standalone Vulnerability Management service costs $3 per user per month.
Microsoft Defender Vulnerability Management is available as a per-device subscription, with a free trial option for up to 100 devices. Customers can purchase it through the Microsoft 365 admin center or through their Microsoft partner or reseller.
Vulnerability Management is part of Microsoft Defender and of Microsoft's broader vision to provide unified and integrated security solutions for customers of all sizes and industries. The company claims that its security portfolio protects more than a billion devices and detects over 8 trillion threats per day.