From the course: Microsoft Security Essentials: Concepts, Solutions, and AI-Powered Protection

Microsoft Defender Vulnerability Management - Microsoft Security Copilot Tutorial

Microsoft Defender Vulnerability Management

- [Narrator] Let's look at Microsoft Defender Vulnerability Management. What is a vulnerability? You can think of vulnerabilities as weaknesses within your assets, including devices, networks, applications, and data. Threat actors can use various tactics and techniques to exploit these exposed vulnerabilities. So it's critical for organizations to reduce cyber risk by properly managing their vulnerabilities.

You often hear the term CVE in vulnerability management. CVE stands for Common Vulnerabilities and Exposures. It's an industry-standardized system for tracking publicly-known cybersecurity vulnerabilities. Each CVE has a unique number. For example, CVE-2024-5274.

Microsoft Defender Vulnerability Management enables organizations to reduce cyber risk through three key capabilities. Continuous asset discovery and monitoring. It provides the inventories of software, hardware, firmware, browser extensions, and digital certificates, so you can have a real-time view of your organization's assets. Risk-based intelligent prioritization. It leverages Microsoft's threat intelligence, risk predictions, and device assessments to prioritize your organization's vulnerabilities, so you can focus on the most critical tasks. Remediation and tracking. You can use built-in workflows to perform remediation tasks, such as updating an operating system based on a recommendation or blocking vulnerable applications. And you can track the status and progress of the remediation activities in real time.

Now, let's do a quick demo of Microsoft Defender Vulnerability Management. Here's the Microsoft Defender portal. Under Vulnerability Management, you can use the dashboard to get an overview of exposure score, which reflects the device exposures in your organization. Top security recommendations. Microsoft Secure Score for your devices across application, operating system, network, accounts, and security controls. And the top events. Click recommendations. You can find a list of security recommendations. Let's select a recommendation. You can view the details and create a task to request a remediation. Click remediation. Here you can track all remediation activities and view the status of an activity. Click inventories. You can get a real-time view of software, vulnerable components, browser extensions, certificates, hardware and firmware. Click weaknesses. You can discover vulnerabilities in your organization and view the details of a CVE. Click baselines assessment. You can assess device compliance against the selected industry security benchmarks.
