mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-06-17 03:13:44 +00:00
Merge branch 'master' into repo_sync_working_branch
This commit is contained in:
@ -14,7 +14,7 @@ ms.localizationpriority: medium
|
||||
manager: dansimp
|
||||
audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.topic: overview
|
||||
---
|
||||
|
||||
# Threat and vulnerability management
|
||||
|
@ -23,10 +23,10 @@ ms.topic: article
|
||||
|
||||
[!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
|
||||
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
|
||||
- [Threat and vulnerability management](next-gen-threat-and-vuln-mgt.md)
|
||||
|
||||
>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-portaloverview-abovefoldlink)
|
||||
|
||||
@ -54,14 +54,23 @@ Examples of devices that should be assigned a high value:
|
||||
1. Navigate to any device page, the easiest place is from the device inventory.
|
||||
|
||||
2. Select **Device value** from three dots next to the actions bar at the top of the page.
|
||||

|
||||
|
||||
<br><br>
|
||||

|
||||
|
||||
3. A flyout will appear with the current device value and what it means. Review the value of the device and choose the one that best fits your device.
|
||||

|
||||
|
||||
## How device value impacts your exposure score
|
||||
|
||||
The exposure score is a weighted average across all devices. If you have device groups, you can also filter the score by device group.
|
||||
|
||||
- Normal devices have a weight of 1
|
||||
- Low value devices have a weight of 0.75
|
||||
- High value devices have a weight of NumberOfAssets / 10.
|
||||
- If you have 100 devices, each high value device will have a weight of 10 (100/10)
|
||||
|
||||
## Related topics
|
||||
|
||||
- [Threat and vulnerability management overview](next-gen-threat-and-vuln-mgt.md)
|
||||
- [Exposure Score](tvm-exposure-score.md)
|
||||
- [APIs](next-gen-threat-and-vuln-mgt.md#apis)
|
@ -25,6 +25,7 @@ ms.topic: conceptual
|
||||
**Applies to:**
|
||||
|
||||
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
|
||||
- [Threat and vulnerability management](next-gen-threat-and-vuln-mgt.md)
|
||||
|
||||
>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-portaloverview-abovefoldlink)
|
||||
|
||||
|
@ -22,7 +22,6 @@ ms.topic: conceptual
|
||||
|
||||
[!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
|
||||
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
|
||||
|
@ -23,6 +23,7 @@ ms.topic: conceptual
|
||||
[!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
|
||||
- [Threat and vulnerability management](next-gen-threat-and-vuln-mgt.md)
|
||||
|
||||
|
@ -26,6 +26,7 @@ ms.topic: conceptual
|
||||
**Applies to:**
|
||||
|
||||
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
|
||||
- [Threat and vulnerability management](next-gen-threat-and-vuln-mgt.md)
|
||||
|
||||
>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-portaloverview-abovefoldlink)
|
||||
|
||||
|
@ -26,6 +26,7 @@ ms.topic: article
|
||||
**Applies to:**
|
||||
|
||||
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
|
||||
- [Threat and vulnerability management](next-gen-threat-and-vuln-mgt.md)
|
||||
|
||||
>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-portaloverview-abovefoldlink)
|
||||
|
||||
|
@ -22,10 +22,10 @@ ms.topic: conceptual
|
||||
|
||||
[!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
|
||||
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
|
||||
- [Threat and vulnerability management](next-gen-threat-and-vuln-mgt.md)
|
||||
|
||||
>[!NOTE]
|
||||
> Configuration score is now part of threat and vulnerability management as Microsoft Secure Score for Devices.
|
||||
|
@ -24,6 +24,7 @@ ms.topic: conceptual
|
||||
**Applies to:**
|
||||
|
||||
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
|
||||
- [Threat and vulnerability management](next-gen-threat-and-vuln-mgt.md)
|
||||
|
||||
>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-portaloverview-abovefoldlink)
|
||||
|
||||
|
@ -24,6 +24,7 @@ ms.topic: conceptual
|
||||
|
||||
**Applies to:**
|
||||
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
|
||||
- [Threat and vulnerability management](next-gen-threat-and-vuln-mgt.md)
|
||||
|
||||
>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-portaloverview-abovefoldlink)
|
||||
|
||||
|
@ -10,7 +10,7 @@ ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
author: jogeurte
|
||||
author: jgeurten
|
||||
ms.reviewer: isbrahm
|
||||
ms.author: dansimp
|
||||
manager: dansimp
|
||||
@ -29,13 +29,11 @@ Microsoft has strict requirements for code running in kernel. Consequently, mali
|
||||
- Hypervisor-protected code integrity (HVCI) enabled devices
|
||||
- Windows 10 in S mode (S mode) devices
|
||||
|
||||
Microsoft recommends enabling [HVCI](https://docs.microsoft.com/en-us/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity) or S mode to protect your devices against security threats. If this is not possible, Microsoft recommends blocking the following list of drivers by merging this policy with your existing Windows Defender Application Control policy. Blocking kernel drivers without sufficient testing can result in devices or software to malfunction, and in rare cases, blue screen. It is recommended to first validate this policy in [audit mode](audit-windows-defender-application-control-policies.md) and review the audit block events.
|
||||
|
||||
Microsoft recommends enabling [HVCI](https://docs.microsoft.com/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity) or S mode to protect your devices against security threats. If this is not possible, Microsoft recommends blocking the following list of drivers by merging this policy with your existing Windows Defender Application Control policy. Blocking kernel drivers without sufficient testing can result in devices or software to malfunction, and in rare cases, blue screen. It is recommended to first validate this policy in [audit mode](audit-windows-defender-application-control-policies.md) and review the audit block events.
|
||||
|
||||
> [!Note]
|
||||
> This application list will be updated with the latest vendor information as application vulnerabilities are resolved and new issues are discovered. It is recommended that this policy be first validated in audit mode before rolling the rules into enforcement mode.
|
||||
|
||||
|
||||
```xml
|
||||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<SiPolicy xmlns="urn:schemas-microsoft-com:sipolicy">
|
||||
|
Reference in New Issue
Block a user