Tag Archive: 3rd party

Threat and Vulnerability management with Defender ATP

Until today you had to keep track on vulnerabilities in applications, create your custom dashboards and use 3rd party systems for the inventory.

Today microsoft released Threat and Vulnerability Management Dashboard as a part of Defender ATP.

TVM Dashboard

This dashboard provides a lot of insight in your environment with cloud scale, even the systems which are never in the office.

You can find the new dashboard by clicking on the little castle with the flag in the menu bar.

Dashboard

This part gives you a full overview of vulnerabilities like

  • Exposure Score
  • Configuration Score
  • Top vulnerable applications
  • Top exposed machines
  • Top remediation activities
  • Exposure distribution

You are also presented with the top security recommendations


Security Recommendations

In the security recommendations view you can view and sort based on components, remediation type etc

If we look at the details for one of the entries we can se a description, vulernability details, the affected machines and related CVE’s

security recommendation details

If we from this view clicks on Open Sofware page, we can see further details

If we from this view opens one of the items, we can see the risks, category and other ID’s

Working with remedation plans

We can create activities and set the due date for that activity

This an also be exported to a CSV file

When we have selected items for remediation we can look in the remediation view for follow up

Sofware Inventory

In this part we get an overview of all applications, weaknesses and if there are any known exploits.

The information from TVM is also linked to the machine page

Happy Hunting!