mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-05-18 08:17:23 +00:00
capitalization updates
This commit is contained in:
Beth Levin
parent
0507eaf599
commit
3e72f56509
@ -1,7 +1,7 @@
|
||||
---
|
||||
title: Threat & Vulnerability Management dashboard insights
|
||||
description: The Threat & Vulnerability Management dashboard can help SecOps and security admins address cybersecurity threats and build their organization's security resilience.
|
||||
keywords: mdatp-tvm, mdatp-tvm dashboard, threat & vulnerability management, risk-based threat & vulnerability management, security configuration, Microsoft Secure Score for Devices, exposure score
|
||||
title: Threat and vulnerability management dashboard insights
|
||||
description: The threat and vulnerability management dashboard can help SecOps and security admins address cybersecurity threats and build their organization's security resilience.
|
||||
keywords: mdatp-tvm, mdatp-tvm dashboard, threat & vulnerability management, threat and vulnerability management, risk-based threat & vulnerability management, security configuration, Microsoft Secure Score for Devices, exposure score
|
||||
search.appverid: met150
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
ms.prod: w10
|
||||
@ -16,7 +16,7 @@ audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
---
|
||||
# Threat & Vulnerability Management dashboard insights
|
||||
# Threat and vulnerability management dashboard insights
|
||||
|
||||
**Applies to:**
|
||||
|
||||
@ -24,13 +24,13 @@ ms.topic: conceptual
|
||||
|
||||
>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-portaloverview-abovefoldlink)
|
||||
|
||||
Threat & Vulnerability Management is a component of Microsoft Defender ATP, and provides both security administrators and security operations teams with unique value, including:
|
||||
Threat and vulnerability management is a component of Microsoft Defender ATP, and provides both security administrators and security operations teams with unique value, including:
|
||||
|
||||
- Real-time endpoint detection and response (EDR) insights correlated with endpoint vulnerabilities
|
||||
- Invaluable device vulnerability context during incident investigations
|
||||
- Built-in remediation processes through Microsoft Intune and Microsoft Endpoint Configuration Manager
|
||||
|
||||
You can use the Threat & Vulnerability Management capability in [Microsoft Defender Security Center](https://securitycenter.windows.com/) to:
|
||||
You can use the threat and vulnerability management capability in [Microsoft Defender Security Center](https://securitycenter.windows.com/) to:
|
||||
|
||||
- View exposure and Microsoft Secure Score for Devices side-by-side with top security recommendations, software vulnerability, remediation activities, and exposed devices
|
||||
- Correlate EDR insights with endpoint vulnerabilities and process them
|
||||
@ -38,19 +38,19 @@ You can use the Threat & Vulnerability Management capability in [Microsoft Defen
|
||||
- Select exception options and track active exceptions
|
||||
|
||||
> [!NOTE]
|
||||
> Devices that are not active in the last 30 days are not factored in on the data that reflects your organization's Threat & Vulnerability Management exposure score and Microsoft Secure Score for Devices.
|
||||
> Devices that are not active in the last 30 days are not factored in on the data that reflects your organization's threat and vulnerability management exposure score and Microsoft Secure Score for Devices.
|
||||
|
||||
Watch this video for a quick overview of what is in the Threat & Vulnerability Management dashboard.
|
||||
Watch this video for a quick overview of what is in the threat and vulnerability management dashboard.
|
||||
|
||||
>[!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4r1nv]
|
||||
|
||||
## Threat & Vulnerability Management in Microsoft Defender Security Center
|
||||
## Threat and vulnerability management in Microsoft Defender Security Center
|
||||
|
||||
|
||||
|
||||
You can navigate through the portal using the menu options available in all sections. Refer to the following tables for a description of each section.
|
||||
|
||||
## Threat & Vulnerability Management navigation pane
|
||||
## Threat and vulnerability management navigation pane
|
||||
|
||||
Area | Description
|
||||
:---|:---
|
||||
@ -60,11 +60,11 @@ Area | Description
|
||||
[**Software inventory**](tvm-software-inventory.md) | See the list of software, versions, weaknesses, whether there's an exploit found on the software, whether the software or software version has reached end-of-support, prevalence in the organization, how many were installed, how many exposed devices there are, and the numerical value of the impact. You can select each item in the list and opt to open the software page which shows the associated vulnerabilities, misconfigurations, affected device, version distribution details, and missing KBs or security updates.
|
||||
[**Weaknesses**](tvm-weaknesses.md) | See the list of common vulnerabilities and exposures, the severity, the common vulnerability scoring system (CVSS) V3 score, related software, age, when it was published, related threat alerts, and how many exposed devices there are. You can select each item in the list to see a flyout panel with the vulnerability description and other details.
|
||||
|
||||
## Threat & Vulnerability Management dashboard
|
||||
## Threat and vulnerability management dashboard
|
||||
|
||||
Area | Description
|
||||
:---|:---
|
||||
**Selected device groups (#/#)** | Filter the Threat & Vulnerability Management data you want to see in the dashboard and cards by device groups. What you select in the filter applies throughout the Threat & Vulnerability management pages.
|
||||
**Selected device groups (#/#)** | Filter the threat and vulnerability management data you want to see in the dashboard and cards by device groups. What you select in the filter applies throughout the threat and vulnerability management pages.
|
||||
[**Exposure score**](tvm-exposure-score.md) | See the current state of your organization's device exposure to threats and vulnerabilities. Several factors affect your organization's exposure score: weaknesses discovered in your devices, likelihood of your devices to be breached, value of the devices to your organization, and relevant alerts discovered with your devices. The goal is to lower the exposure score of your organization to be more secure. To reduce the score, you need to remediate the related security configuration issues listed in the security recommendations.
|
||||
[**Microsoft Secure Score for Devices**](tvm-microsoft-secure-score-devices.md) | See the security posture of the operating system, applications, network, accounts and security controls of your organization. The goal is to remediate the related security configuration issues to increase your score for devices. Selecting the bars will take you to the **Security recommendation** page.
|
||||
**Device exposure distribution** | See how many devices are exposed based on their exposure level. Select a section in the doughnut chart to go to the **Devices list** page and view the affected device names, exposure level, risk level, and other details such as domain, operating system platform, its health state, when it was last seen, and its tags.
|
||||
@ -77,7 +77,7 @@ See [Microsoft Defender ATP icons](portal-overview.md#microsoft-defender-atp-ico
|
||||
|
||||
## Related topics
|
||||
|
||||
- [Threat & Vulnerability Management overview](next-gen-threat-and-vuln-mgt.md)
|
||||
- [Threat and vulnerability management overview](next-gen-threat-and-vuln-mgt.md)
|
||||
- [Supported operating systems and platforms](tvm-supported-os.md)
|
||||
- [Exposure score](tvm-exposure-score.md)
|
||||
- [Microsoft Secure Score for Devices](tvm-microsoft-secure-score-devices.md)
|
||||
@ -88,4 +88,4 @@ See [Microsoft Defender ATP icons](portal-overview.md#microsoft-defender-atp-ico
|
||||
- [Event timeline](threat-and-vuln-mgt-event-timeline.md)
|
||||
- [Scenarios](threat-and-vuln-mgt-scenarios.md)
|
||||
- [APIs](next-gen-threat-and-vuln-mgt.md#apis)
|
||||
- [Configure data access for Threat & Vulnerability Management roles](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/user-roles#create-roles-and-assign-the-role-to-an-azure-active-directory-group)
|
||||
- [Configure data access for threat and vulnerability management roles](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/user-roles#create-roles-and-assign-the-role-to-an-azure-active-directory-group)
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: Exposure score
|
||||
description: The Microsoft Defender ATP exposure score reflects how vulnerable your organization is to cybersecurity threats.
|
||||
title: Threat and vulnerability management xxposure score
|
||||
description: The threat and vulnerability management exposure score reflects how vulnerable your organization is to cybersecurity threats.
|
||||
keywords: exposure score, mdatp exposure score, mdatp tvm exposure score, organization exposure score, tvm organization exposure score, threat and vulnerability management, Microsoft Defender Advanced Threat Protection
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
search.appverid: met150
|
||||
@ -16,7 +16,7 @@ audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
---
|
||||
# Exposure score
|
||||
# Threat and vulnerability management exposure score
|
||||
|
||||
**Applies to:**
|
||||
|
||||
@ -24,7 +24,7 @@ ms.topic: conceptual
|
||||
|
||||
>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-portaloverview-abovefoldlink)
|
||||
|
||||
Your Exposure score is visible in the [Threat & Vulnerability Management dashboard](tvm-dashboard-insights.md) of the Microsoft Defender Security Center. It reflects how vulnerable your organization is to cybersecurity threats. Low exposure score means your devices are less vulnerable from exploitation.
|
||||
Your exposure score is visible in the [Threat and vulnerability management dashboard](tvm-dashboard-insights.md) of the Microsoft Defender Security Center. It reflects how vulnerable your organization is to cybersecurity threats. Low exposure score means your devices are less vulnerable from exploitation.
|
||||
|
||||
- Quickly understand and identify high-level takeaways about the state of security in your organization.
|
||||
- Detect and respond to areas that require investigation or action to improve the current state.
|
||||
@ -36,7 +36,7 @@ The card gives you a high-level view of your exposure score trend over time. Any
|
||||
|
||||
## How it works
|
||||
|
||||
Threat & Vulnerability Management introduces a new exposure score metric, which visually represents how exposed your devices are to imminent threats.
|
||||
Threat and vulnerability management introduces a new exposure score metric, which visually represents how exposed your devices are to imminent threats.
|
||||
|
||||
The exposure score is continuously calculated on each device in the organization and influenced by the following factors:
|
||||
|
||||
@ -55,13 +55,13 @@ You can remediate the issues based on prioritized [security recommendations](tvm
|
||||
|
||||
## Reduce your threat and vulnerability exposure
|
||||
|
||||
Lower your threat and vulnerability exposure by remediating [security recommendations](tvm-security-recommendation.md). Make the most impact to your exposure score by remediating the top security recommendations, which can be viewed in the [Threat & Vulnerability Management dashboard](tvm-dashboard-insights.md).
|
||||
Lower your threat and vulnerability exposure by remediating [security recommendations](tvm-security-recommendation.md). Make the most impact to your exposure score by remediating the top security recommendations, which can be viewed in the [threat and vulnerability management dashboard](tvm-dashboard-insights.md).
|
||||
|
||||
## Related topics
|
||||
|
||||
- [Threat & Vulnerability Management overview](next-gen-threat-and-vuln-mgt.md)
|
||||
- [Threat and vulnerability management overview](next-gen-threat-and-vuln-mgt.md)
|
||||
- [Supported operating systems and platforms](tvm-supported-os.md)
|
||||
- [Threat & Vulnerability Management dashboard](tvm-dashboard-insights.md)
|
||||
- [Threat and vulnerability management dashboard](tvm-dashboard-insights.md)
|
||||
- [Microsoft Secure Score for Devices](tvm-microsoft-secure-score-devices.md)
|
||||
- [Security recommendations](tvm-security-recommendation.md)
|
||||
- [Remediation and exception](tvm-remediation.md)
|
||||
@ -70,4 +70,4 @@ Lower your threat and vulnerability exposure by remediating [security recommenda
|
||||
- [Event timeline](threat-and-vuln-mgt-event-timeline.md)
|
||||
- [Scenarios](threat-and-vuln-mgt-scenarios.md)
|
||||
- [APIs](next-gen-threat-and-vuln-mgt.md#apis)
|
||||
- [Configure data access for Threat & Vulnerability Management roles](user-roles.md#create-roles-and-assign-the-role-to-an-azure-active-directory-group)
|
||||
- [Configure data access for threat and vulnerability management roles](user-roles.md#create-roles-and-assign-the-role-to-an-azure-active-directory-group)
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
---
|
||||
title: Overview of Microsoft Secure Score for Devices in Microsoft Defender Security Center
|
||||
description: Your score for devices shows the collective security configuration state of your devices across application, operating system, network, accounts, and security controls
|
||||
keywords: Microsoft Secure Score for Devices, mdatp Microsoft Secure Score for Devices, secure score, configuration score, security controls, improvement opportunities, security configuration score over time, security posture, baseline
|
||||
keywords: Microsoft Secure Score for Devices, mdatp Microsoft Secure Score for Devices, secure score, configuration score, threat and vulnerability management, security controls, improvement opportunities, security configuration score over time, security posture, baseline
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
search.appverid: met150
|
||||
ms.prod: w10
|
||||
@ -23,9 +23,9 @@ ms.topic: conceptual
|
||||
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
|
||||
|
||||
>[!NOTE]
|
||||
> Configuration score is now part of Threat & Vulnerability Management as Microsoft Secure Score for Devices.
|
||||
> Configuration score is now part of threat and vulnerability management as Microsoft Secure Score for Devices.
|
||||
|
||||
Your score for devices is visible in the [Threat & Vulnerability Management dashboard](tvm-dashboard-insights.md) of the Microsoft Defender Security Center. A higher Microsoft Secure Score for Devices means your endpoints are more resilient from cybersecurity threat attacks. It reflects the collective security configuration state of your devices across the following categories:
|
||||
Your score for devices is visible in the [threat and vulnerability management dashboard](tvm-dashboard-insights.md) of the Microsoft Defender Security Center. A higher Microsoft Secure Score for Devices means your endpoints are more resilient from cybersecurity threat attacks. It reflects the collective security configuration state of your devices across the following categories:
|
||||
|
||||
- Application
|
||||
- Operating system
|
||||
@ -51,7 +51,7 @@ The data in the Microsoft Secure Score for Devices card is the product of meticu
|
||||
|
||||
You can improve your security configuration when you remediate issues from the security recommendations list. As you do so, your Microsoft Secure Score for Devices improves, which means your organization becomes more resilient against cybersecurity threats and vulnerabilities.
|
||||
|
||||
1. From the Microsoft Secure Score for Devices card in the Threat & Vulnerability Management dashboard, select the one of the categories to view the list of recommendations related to that category. It will take you to the [**Security recommendations**](tvm-security-recommendation.md) page. If you want to see all security recommendations, once you get to the Security recommendations page, clear the search field.
|
||||
1. From the Microsoft Secure Score for Devices card in the threat and vulnerability management dashboard, select the one of the categories to view the list of recommendations related to that category. It will take you to the [**Security recommendations**](tvm-security-recommendation.md) page. If you want to see all security recommendations, once you get to the Security recommendations page, clear the search field.
|
||||
|
||||
2. Select an item on the list. The flyout panel will open with details related to the recommendation. Select **Remediation options**.
|
||||
|
||||
@ -82,9 +82,9 @@ You can improve your security configuration when you remediate issues from the s
|
||||
|
||||
## Related topics
|
||||
|
||||
- [Threat & Vulnerability Management overview](next-gen-threat-and-vuln-mgt.md)
|
||||
- [Threat and vulnerability management overview](next-gen-threat-and-vuln-mgt.md)
|
||||
- [Supported operating systems and platforms](tvm-supported-os.md)
|
||||
- [Threat & Vulnerability Management dashboard](tvm-dashboard-insights.md)
|
||||
- [Threat and vulnerability management dashboard](tvm-dashboard-insights.md)
|
||||
- [Exposure score](tvm-exposure-score.md)
|
||||
- [Security recommendations](tvm-security-recommendation.md)
|
||||
- [Remediation and exception](tvm-remediation.md)
|
||||
@ -92,4 +92,4 @@ You can improve your security configuration when you remediate issues from the s
|
||||
- [Weaknesses](tvm-weaknesses.md)
|
||||
- [Scenarios](threat-and-vuln-mgt-scenarios.md)
|
||||
- [APIs](next-gen-threat-and-vuln-mgt.md#apis)
|
||||
- [Configure data access for Threat & Vulnerability Management roles](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/user-roles#create-roles-and-assign-the-role-to-an-azure-active-directory-group)
|
||||
- [Configure data access for threat and vulnerability management roles](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/user-roles#create-roles-and-assign-the-role-to-an-azure-active-directory-group)
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
---
|
||||
title: Remediation and exception
|
||||
description: Remediate security weaknesses and fill exceptions by integrating Microsoft Intune and Microsoft Endpoint Configuration Manager.
|
||||
keywords: microsoft defender atp tvm remediation, mdatp tvm, threat & vulnerability management, threat & vulnerability management remediation, tvm remediation intune, tvm remediation sccm
|
||||
title: Threat and vulnerability management remediation and exceptions
|
||||
description: Remediate security weaknesses discovered through security recommendations, and create exceptions if needed, in threat and vulnerability management.
|
||||
keywords: microsoft defender atp tvm remediation, mdatp tvm, threat and vulnerability management, threat & vulnerability management, threat & vulnerability management remediation, tvm remediation intune, tvm remediation sccm
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
search.appverid: met150
|
||||
ms.prod: w10
|
||||
@ -16,7 +16,7 @@ audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
---
|
||||
# Remediation activities and exceptions
|
||||
# Remediation activities and exceptions - threat and vulnerability management
|
||||
|
||||
**Applies to:**
|
||||
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
|
||||
@ -34,22 +34,22 @@ Lower your organization's exposure from vulnerabilities and increase your securi
|
||||
|
||||
You can access the Remediation page a few different ways:
|
||||
|
||||
- Threat & Vulnerability Management navigation menu in the [Microsoft Defender Security Center](portal-overview.md)
|
||||
- Top remediation activities card in the [Threat & Vulnerability Management dashboard](tvm-dashboard-insights.md)
|
||||
- Threat and vulnerability management navigation menu in the [Microsoft Defender Security Center](portal-overview.md)
|
||||
- Top remediation activities card in the [threat and vulnerability management dashboard](tvm-dashboard-insights.md)
|
||||
|
||||
### Navigation menu
|
||||
|
||||
Go to the Threat & Vulnerability Management navigation menu and select **Remediation** to open up the list of remediation activities and exceptions found in your organization.
|
||||
Go to the threat and vulnerability management navigation menu and select **Remediation** to open up the list of remediation activities and exceptions found in your organization.
|
||||
|
||||
### Top remediation activities in the dashboard
|
||||
|
||||
View **Top remediation activities** in the [Threat & Vulnerability Management dashboard](tvm-dashboard-insights.md). Select any of the entries to go to the **Remediation** page. You can mark the remediation activity as completed after the IT admin team remediates the task.
|
||||
View **Top remediation activities** in the [threat and vulnerability management dashboard](tvm-dashboard-insights.md). Select any of the entries to go to the **Remediation** page. You can mark the remediation activity as completed after the IT admin team remediates the task.
|
||||
|
||||
|
||||
|
||||
## Remediation activities
|
||||
|
||||
When you [submit a remediation request](tvm-security-recommendation.md#request-remediation) from the [Security recommendations page](tvm-security-recommendation.md), it kicks-off a remediation activity. A security task is created which will be tracked in the Threat & Vulnerability Management **Remediation** page, and a remediation ticket is created in Microsoft Intune.
|
||||
When you [submit a remediation request](tvm-security-recommendation.md#request-remediation) from the [Security recommendations page](tvm-security-recommendation.md), it kicks-off a remediation activity. A security task is created which will be tracked in the threat and vulnerability management **Remediation** page, and a remediation ticket is created in Microsoft Intune.
|
||||
|
||||
Once you are in the Remediation page, select the remediation activity that you want to view. You can follow the remediation steps, track progress, view the related recommendation, export to CSV, or mark as complete.
|
||||
|
||||
@ -95,9 +95,9 @@ Select **Show exceptions** at the bottom of the **Top security recommendations**
|
||||
|
||||
## Related topics
|
||||
|
||||
- [Threat & Vulnerability Management overview](next-gen-threat-and-vuln-mgt.md)
|
||||
- [Threat and vulnerability management overview](next-gen-threat-and-vuln-mgt.md)
|
||||
- [Supported operating systems and platforms](tvm-supported-os.md)
|
||||
- [Threat & Vulnerability Management dashboard](tvm-dashboard-insights.md)
|
||||
- [Threat and vulnerability management dashboard](tvm-dashboard-insights.md)
|
||||
- [Exposure score](tvm-exposure-score.md)
|
||||
- [Microsoft Secure Score for Devices](tvm-microsoft-secure-score-devices.md)
|
||||
- [Security recommendations](tvm-security-recommendation.md)
|
||||
@ -106,4 +106,4 @@ Select **Show exceptions** at the bottom of the **Top security recommendations**
|
||||
- [Event timeline](threat-and-vuln-mgt-event-timeline.md)
|
||||
- [Scenarios](threat-and-vuln-mgt-scenarios.md)
|
||||
- [APIs](next-gen-threat-and-vuln-mgt.md#apis)
|
||||
- [Configure data access for Threat & Vulnerability Management roles](user-roles.md#create-roles-and-assign-the-role-to-an-azure-active-directory-group)
|
||||
- [Configure data access for threat and vulnerability management roles](user-roles.md#create-roles-and-assign-the-role-to-an-azure-active-directory-group)
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
---
|
||||
title: Security recommendations
|
||||
title: Threat and vulnerability management security recommendations
|
||||
description: Get actionable security recommendations prioritized by threat, likelihood to be breached, and value.
|
||||
keywords: threat and vulnerability management, mdatp tvm security recommendation, cybersecurity recommendation, actionable security recommendation
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
@ -16,7 +16,7 @@ audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
---
|
||||
# Security recommendations
|
||||
# Security recommendations - threat and vulnerability management
|
||||
|
||||
**Applies to:**
|
||||
|
||||
@ -44,8 +44,8 @@ Each device in the organization is scored based on three important factors to he
|
||||
|
||||
Access the Security recommendations page a few different ways:
|
||||
|
||||
- Threat & Vulnerability Management navigation menu in the [Microsoft Defender Security Center](portal-overview.md)
|
||||
- Top security recommendations in the [Threat & Vulnerability Management dashboard](tvm-dashboard-insights.md)
|
||||
- Threat and vulnerability management navigation menu in the [Microsoft Defender Security Center](portal-overview.md)
|
||||
- Top security recommendations in the [threat and vulnerability management dashboard](tvm-dashboard-insights.md)
|
||||
|
||||
View related security recommendations in the following places:
|
||||
|
||||
@ -54,11 +54,11 @@ View related security recommendations in the following places:
|
||||
|
||||
### Navigation menu
|
||||
|
||||
Go to the Threat & Vulnerability Management navigation menu and select **Security recommendations** to open the list of security recommendations for the threats and vulnerabilities found in your organization.
|
||||
Go to the threat and vulnerability management navigation menu and select **Security recommendations** to open the list of security recommendations for the threats and vulnerabilities found in your organization.
|
||||
|
||||
### Top security recommendations in the Threat & Vulnerability Management dashboard
|
||||
### Top security recommendations in the threat and vulnerability management dashboard
|
||||
|
||||
In a given day as a Security Administrator, you can take a look at the [Threat & Vulnerability Management dashboard](tvm-dashboard-insights.md) to see your [exposure score](tvm-exposure-score.md) side-by-side with your [Microsoft Secure Score for Devices](tvm-microsoft-secure-score-devices.md). The goal is to **lower** your organization's exposure from vulnerabilities, and **increase** your organization's device security to be more resilient against cybersecurity threat attacks. The top security recommendations list can help you achieve that goal.
|
||||
In a given day as a Security Administrator, you can take a look at the [threat and vulnerability management dashboard](tvm-dashboard-insights.md) to see your [exposure score](tvm-exposure-score.md) side-by-side with your [Microsoft Secure Score for Devices](tvm-microsoft-secure-score-devices.md). The goal is to **lower** your organization's exposure from vulnerabilities, and **increase** your organization's device security to be more resilient against cybersecurity threat attacks. The top security recommendations list can help you achieve that goal.
|
||||
|
||||
|
||||
|
||||
@ -106,7 +106,7 @@ If there is a large jump in the number of exposed machines, or a sharp increase
|
||||
|
||||
## Request remediation
|
||||
|
||||
The Threat & Vulnerability Management capability in Microsoft Defender ATP bridges the gap between Security and IT administrators through the remediation request workflow. Security admins like you can request for the IT Administrator to remediate a vulnerability from the **Security recommendation** pages to Intune.
|
||||
The threat and vulnerability management capability in Microsoft Defender ATP bridges the gap between Security and IT administrators through the remediation request workflow. Security admins like you can request for the IT Administrator to remediate a vulnerability from the **Security recommendation** pages to Intune.
|
||||
|
||||
### Enable Microsoft Intune connection
|
||||
|
||||
@ -118,7 +118,7 @@ See [Use Intune to remediate vulnerabilities identified by Microsoft Defender AT
|
||||
|
||||
1. Select a security recommendation you would like to request remediation for, and then select **Remediation options**.
|
||||
|
||||
2. Fill out the form, including what you are requesting remediation for, priority, due date, and optional notes. Select **Submit request**. Submitting a remediation request creates a remediation activity item within Threat & Vulnerability Management, which can be used for monitoring the remediation progress for this recommendation. This will not trigger a remediation or apply any changes to devices.
|
||||
2. Fill out the form, including what you are requesting remediation for, priority, due date, and optional notes. Select **Submit request**. Submitting a remediation request creates a remediation activity item within threat and vulnerability management, which can be used for monitoring the remediation progress for this recommendation. This will not trigger a remediation or apply any changes to devices.
|
||||
|
||||
3. Notify your IT Administrator about the new request and have them log into Intune to approve or reject the request and start a package deployment.
|
||||
|
||||
@ -152,7 +152,7 @@ When an exception is created for a recommendation, the recommendation is no long
|
||||
|
||||
3. Select **Submit**. A confirmation message at the top of the page indicates that the exception has been created.
|
||||
|
||||
4. Navigate to the [**Remediation**](tvm-remediation.md) page under the **Threat & Vulnerability Management** menu and select the **Exceptions** tab to view all your exceptions (current and past).
|
||||
4. Navigate to the [**Remediation**](tvm-remediation.md) page under the **Threat and vulnerability management** menu and select the **Exceptions** tab to view all your exceptions (current and past).
|
||||
|
||||
## Report inaccuracy
|
||||
|
||||
@ -166,7 +166,7 @@ You can report a false positive when you see any vague, inaccurate, incomplete,
|
||||
|
||||
3. From the flyout pane, select the inaccuracy category from the drop-down menu, fill in your email address, and details regarding the inaccuracy.
|
||||
|
||||
4. Select **Submit**. Your feedback is immediately sent to the Threat & Vulnerability Management experts.
|
||||
4. Select **Submit**. Your feedback is immediately sent to the threat and vulnerability management experts.
|
||||
|
||||
## Find and remediate software or software versions which have reached end-of-support (EOS)
|
||||
|
||||
@ -176,7 +176,7 @@ It is crucial for Security and IT Administrators to work together and ensure tha
|
||||
|
||||
To find software or software versions which have reached end-of-support:
|
||||
|
||||
1. From the Threat & Vulnerability Management menu, navigate to **Security recommendations**.
|
||||
1. From the threat and vulnerability management menu, navigate to **Security recommendations**.
|
||||
2. Go to the **Filters** panel and look for the tags section. Select one or more of the EOS tag options. Then **Apply**.
|
||||
|
||||
|
||||
@ -203,12 +203,11 @@ To view a list of version that have reached end of support, or end or support so
|
||||
|
||||
After you have identified which software and software versions are vulnerable due to its end-of-support status, remediate them to lower your organizations exposure to vulnerabilities and advanced persistent threats.
|
||||
|
||||
|
||||
## Related topics
|
||||
|
||||
- [Threat & Vulnerability Management overview](next-gen-threat-and-vuln-mgt.md)
|
||||
- [Threat and vulnerability management overview](next-gen-threat-and-vuln-mgt.md)
|
||||
- [Supported operating systems and platforms](tvm-supported-os.md)
|
||||
- [Threat & Vulnerability Management dashboard](tvm-dashboard-insights.md)
|
||||
- [Threat and vulnerability management dashboard](tvm-dashboard-insights.md)
|
||||
- [Exposure score](tvm-exposure-score.md)
|
||||
- [Microsoft Secure Score for Devices](tvm-microsoft-secure-score-devices.md)
|
||||
- [Remediation and exception](tvm-remediation.md)
|
||||
@ -217,4 +216,4 @@ After you have identified which software and software versions are vulnerable du
|
||||
- [Event timeline](threat-and-vuln-mgt-event-timeline.md)
|
||||
- [Scenarios](threat-and-vuln-mgt-scenarios.md)
|
||||
- [APIs](next-gen-threat-and-vuln-mgt.md#apis)
|
||||
- [Configure data access for Threat & Vulnerability Management roles](user-roles.md#create-roles-and-assign-the-role-to-an-azure-active-directory-group)
|
||||
- [Configure data access for threat and vulnerability management roles](user-roles.md#create-roles-and-assign-the-role-to-an-azure-active-directory-group)
|
||||
@ -1,7 +1,7 @@
|
||||
---
|
||||
title: Software inventory
|
||||
description: Microsoft Defender ATP Threat & Vulnerability Management's software inventory page shows how many weaknesses and vulnerabilities have been detected in software.
|
||||
keywords: microsoft defender atp, microsoft defender atp software inventory, mdatp threat & vulnerability management, mdatp threat & vulnerability management software inventory, mdatp tvm software inventory, tvm software inventory
|
||||
title: Software inventory in threat and vulnerability management
|
||||
description: Microsoft Defender ATP threat and vulnerability management's software inventory page shows how many weaknesses and vulnerabilities have been detected in software.
|
||||
keywords: threat and vulnerability management, microsoft defender atp, microsoft defender atp software inventory, mdatp threat & vulnerability management, mdatp threat & vulnerability management software inventory, mdatp tvm software inventory, tvm software inventory
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
search.appverid: met150
|
||||
ms.prod: w10
|
||||
@ -16,14 +16,14 @@ audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
---
|
||||
# Software inventory
|
||||
# Software inventory - threat and vulnerability management
|
||||
|
||||
**Applies to:**
|
||||
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
|
||||
|
||||
>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-portaloverview-abovefoldlink)
|
||||
|
||||
Microsoft Defender ATP Threat & Vulnerability management's discovery capability shows in the **Software inventory** page. The software inventory includes the name of the product or vendor, the latest version it is in, and the number of weaknesses and vulnerabilities detected with it.
|
||||
The software inventory in threat and vulnerability management is a list of all the software in your organization, including details such as the name of the vendor, number of weaknesses, threats, and number of exposed devices.
|
||||
|
||||
## How it works
|
||||
|
||||
@ -33,7 +33,7 @@ Since it is real-time, in a matter of minutes, you will see vulnerability inform
|
||||
|
||||
## Navigate to the Software inventory page
|
||||
|
||||
You can access the Software inventory page by selecting **Software inventory** from the Threat & Vulnerability Management navigation menu in the [Microsoft Defender Security Center](portal-overview.md).
|
||||
You can access the Software inventory page by selecting **Software inventory** from the threat and vulnerability management navigation menu in the [Microsoft Defender Security Center](portal-overview.md).
|
||||
|
||||
View software on specific devices in the individual devices pages from the [devices list](machines-view-overview.md).
|
||||
|
||||
@ -78,13 +78,13 @@ You can report a false positive when you see any vague, inaccurate version, inco
|
||||
1. Open the software flyout on the Software inventory page.
|
||||
2. Select **Report inaccuracy**.
|
||||
3. From the flyout pane, select the inaccuracy category from the drop-down menu, fill in your email address, and details regarding the inaccuracy.
|
||||
4. Select **Submit**. Your feedback is immediately sent to the Threat & Vulnerability Management experts.
|
||||
4. Select **Submit**. Your feedback is immediately sent to the threat and vulnerability management experts.
|
||||
|
||||
## Related topics
|
||||
|
||||
- [Threat & Vulnerability Management overview](next-gen-threat-and-vuln-mgt.md)
|
||||
- [Threat and vulnerability management overview](next-gen-threat-and-vuln-mgt.md)
|
||||
- [Supported operating systems and platforms](tvm-supported-os.md)
|
||||
- [Threat & Vulnerability Management dashboard](tvm-dashboard-insights.md)
|
||||
- [Threat and vulnerability management dashboard](tvm-dashboard-insights.md)
|
||||
- [Exposure score](tvm-exposure-score.md)
|
||||
- [Microsoft Secure Score for Devices](tvm-microsoft-secure-score-devices.md)
|
||||
- [Security recommendations](tvm-security-recommendation.md)
|
||||
@ -93,4 +93,4 @@ You can report a false positive when you see any vague, inaccurate version, inco
|
||||
- [Event timeline](threat-and-vuln-mgt-event-timeline.md)
|
||||
- [Scenarios](threat-and-vuln-mgt-scenarios.md)
|
||||
- [APIs](next-gen-threat-and-vuln-mgt.md#apis)
|
||||
- [Configure data access for Threat & Vulnerability Management roles](user-roles.md#create-roles-and-assign-the-role-to-an-azure-active-directory-group)
|
||||
- [Configure data access for threat and vulnerability management roles](user-roles.md#create-roles-and-assign-the-role-to-an-azure-active-directory-group)
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
---
|
||||
title: Threat & Vulnerability Management supported operating systems and platforms
|
||||
description: Before you begin, ensure that you meet the operating system or platform requisites for Threat & Vulnerability Management so the activities in your all devices are properly accounted for.
|
||||
keywords: threat & vulnerability management, operating system, platform requirements, prerequisites, mdatp-tvm supported os, mdatp-tvm, risk-based threat & vulnerability management, security configuration, Microsoft Secure Score for Devices, exposure score
|
||||
title: Supported operating systems and platforms for threat and vulnerability management
|
||||
description: Before you begin, ensure that you meet the operating system or platform requisites for threat and vulnerability management so the activities in your all devices are properly accounted for.
|
||||
keywords: threat & vulnerability management, threat and vulnerability management, operating system, platform requirements, prerequisites, mdatp-tvm supported os, mdatp-tvm, risk-based threat & vulnerability management, security configuration, Microsoft Secure Score for Devices, exposure score
|
||||
search.appverid: met150
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
ms.prod: w10
|
||||
@ -16,7 +16,7 @@ audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: article
|
||||
---
|
||||
# Threat & Vulnerability Management supported operating systems and platforms
|
||||
# Supported operating systems and platforms for threat and vulnerability management
|
||||
|
||||
**Applies to:**
|
||||
|
||||
@ -24,7 +24,7 @@ ms.topic: article
|
||||
|
||||
>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-portaloverview-abovefoldlink)
|
||||
|
||||
Before you begin, ensure that you meet the following operating system or platform requisites for Threat & Vulnerability Management so the activities in your devices are properly accounted for.
|
||||
Before you begin, ensure that you meet the following operating system or platform requisites for threat and vulnerability management so the activities in your devices are properly accounted for.
|
||||
|
||||
Operating system | Security assessment support
|
||||
:---|:---
|
||||
@ -43,8 +43,8 @@ Some of the above prerequisites might be different from the [Minimum requirement
|
||||
|
||||
## Related topics
|
||||
|
||||
- [Threat & Vulnerability Management overview](next-gen-threat-and-vuln-mgt.md)
|
||||
- [Threat & Vulnerability Management dashboard](tvm-dashboard-insights.md)
|
||||
- [Threat and vulnerability management overview](next-gen-threat-and-vuln-mgt.md)
|
||||
- [Threat and vulnerability management dashboard](tvm-dashboard-insights.md)
|
||||
- [Exposure score](tvm-exposure-score.md)
|
||||
- [Microsoft Secure Score for Devices](tvm-microsoft-secure-score-devices.md)
|
||||
- [Security recommendations](tvm-security-recommendation.md)
|
||||
@ -54,4 +54,4 @@ Some of the above prerequisites might be different from the [Minimum requirement
|
||||
- [Event timeline](threat-and-vuln-mgt-event-timeline.md)
|
||||
- [Scenarios](threat-and-vuln-mgt-scenarios.md)
|
||||
- [APIs](next-gen-threat-and-vuln-mgt.md#apis)
|
||||
- [Configure data access for Threat & Vulnerability Management roles](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/user-roles#create-roles-and-assign-the-role-to-an-azure-active-directory-group)
|
||||
- [Configure data access for threat and vulnerability management roles](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/user-roles#create-roles-and-assign-the-role-to-an-azure-active-directory-group)
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
---
|
||||
title: Weaknesses
|
||||
title: Weaknesses found by threat and vulnerability management
|
||||
description: Microsoft Defender Security Center offers a Weaknesses page, which lists vulnerabilities found in the infected software running in your organization.
|
||||
keywords: mdatp threat & vulnerability management, mdatp tvm weaknesses page, finding weaknesses through tvm, tvm vulnerability list, vulnerability details in tvm
|
||||
keywords: mdatp threat & vulnerability management, threat and vulnerability management, mdatp tvm weaknesses page, finding weaknesses through tvm, tvm vulnerability list, vulnerability details in tvm
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
search.appverid: met150
|
||||
ms.prod: w10
|
||||
@ -16,7 +16,7 @@ audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
---
|
||||
# Weaknesses
|
||||
# Weaknesses found by threat and vulnerability management
|
||||
|
||||
**Applies to:**
|
||||
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
|
||||
@ -25,7 +25,7 @@ ms.topic: conceptual
|
||||
|
||||
[!include[Prerelease information](../../includes/prerelease.md)]
|
||||
|
||||
Threat & Vulnerability Management leverages the same signals in Microsoft Defender ATP's endpoint protection to scan and detect vulnerabilities.
|
||||
Threat and vulnerability management leverages the same signals in Microsoft Defender ATP's endpoint protection to scan and detect vulnerabilities.
|
||||
|
||||
The **Weaknesses** page lists down the vulnerabilities found in the infected software running in your organization by listing the Common Vulnerabilities and Exposures (CVE) ID, the severity, Common Vulnerability Scoring System (CVSS) rating, prevalence in your organization, corresponding breach, and threat insights.
|
||||
|
||||
@ -40,12 +40,12 @@ The **Weaknesses** page lists down the vulnerabilities found in the infected sof
|
||||
|
||||
Access the Weaknesses page a few different ways:
|
||||
|
||||
- Selecting **Weaknesses** from the Threat & Vulnerability Management navigation menu in the [Microsoft Defender Security Center](portal-overview.md)
|
||||
- Selecting **Weaknesses** from the threat and vulnerability management navigation menu in the [Microsoft Defender Security Center](portal-overview.md)
|
||||
- Global search
|
||||
|
||||
### Navigation menu
|
||||
|
||||
Go to the Threat & Vulnerability Management navigation menu and select **Weaknesses** to open the list of CVEs.
|
||||
Go to the threat and vulnerability management navigation menu and select **Weaknesses** to open the list of CVEs.
|
||||
|
||||
### Vulnerabilities in global search
|
||||
|
||||
@ -80,7 +80,7 @@ The threat insights icon is highlighted if there are associated exploits in the
|
||||
|
||||
### Top vulnerable software in the dashboard
|
||||
|
||||
1. Go to the [Threat & Vulnerability Management dashboard](tvm-dashboard-insights.md) and scroll down to the **Top vulnerable software** widget. You will see the number of vulnerabilities found in each software along with threat information and a high-level view of the device exposure trend over time.
|
||||
1. Go to the [threat and vulnerability management dashboard](tvm-dashboard-insights.md) and scroll down to the **Top vulnerable software** widget. You will see the number of vulnerabilities found in each software along with threat information and a high-level view of the device exposure trend over time.
|
||||
|
||||
|
||||
|
||||
@ -119,13 +119,13 @@ You can report a false positive when you see any vague, inaccurate, incomplete,
|
||||
1. Open the CVE on the Weaknesses page.
|
||||
2. Select **Report inaccuracy**.
|
||||
3. From the flyout pane, select the inaccuracy category from the drop-down menu, fill in your email address, and details regarding the inaccuracy.
|
||||
4. Select **Submit**. Your feedback is immediately sent to the Threat & Vulnerability Management experts.
|
||||
4. Select **Submit**. Your feedback is immediately sent to the threat and vulnerability management experts.
|
||||
|
||||
## Related topics
|
||||
|
||||
- [Threat & Vulnerability Management overview](next-gen-threat-and-vuln-mgt.md)
|
||||
- [Threat and vulnerability management overview](next-gen-threat-and-vuln-mgt.md)
|
||||
- [Supported operating systems and platforms](tvm-supported-os.md)
|
||||
- [Threat & Vulnerability Management dashboard](tvm-dashboard-insights.md)
|
||||
- [Threat and vulnerability management dashboard](tvm-dashboard-insights.md)
|
||||
- [Exposure score](tvm-exposure-score.md)
|
||||
- [Microsoft Secure Score for Devices](tvm-microsoft-secure-score-devices.md)
|
||||
- [Security recommendations](tvm-security-recommendation.md)
|
||||
@ -134,4 +134,4 @@ You can report a false positive when you see any vague, inaccurate, incomplete,
|
||||
- [Event timeline](threat-and-vuln-mgt-event-timeline.md)
|
||||
- [Scenarios](threat-and-vuln-mgt-scenarios.md)
|
||||
- [APIs](next-gen-threat-and-vuln-mgt.md#apis)
|
||||
- [Configure data access for Threat & Vulnerability Management roles](user-roles.md#create-roles-and-assign-the-role-to-an-azure-active-directory-group)
|
||||
- [Configure data access for threat and vulnerability management roles](user-roles.md#create-roles-and-assign-the-role-to-an-azure-active-directory-group)
|
||||
Loading…
x
Reference in New Issue
Block a user