Microsoft Defender Vulnerability Management Preview

Reduce cybersecurity risk with continuous vulnerability discovery and assessment, risk-based prioritization, and remediation.

Try for free
Download the datasheet

Defender Vulnerability Management is now in public preview

Explore all Microsoft vulnerability management tools in a free trial of Defender Vulnerability Management. Defender for Endpoint Plan 2 customers can also extend threat and vulnerability management with new capabilities.

Watch the video
Read the announcement

Risk-based vulnerability management

Reduce risk with continuous vulnerability assessment, risk-based prioritization, and remediation.

Know what to protect

Discover and assess all your organization’s assets in a single view. Eliminate periodic scans with continuous monitoring and alerts. Detect risk even when devices are not connected to the corporate network.

Get advanced assessment tools

Understand your cyberexposure and relevant threat and business contexts in one place. Proactively prevent breaches with risk assessments using Microsoft benchmarks and industry standards, including CIS and STIG.

Prioritize what’s important

Quickly remediate the biggest vulnerabilities on your most critical assets. Prioritize risks using Microsoft threat intelligence, likelihood predictions, business contexts, and device reports.

Remediate and track progress

Bridge the gap between security and IT teams. Help reduce risk with automated remediation tools, including blocking of vulnerable apps, built-in workflows, and real-time measurements to seamlessly track progress across the organization.

Help reduce cybersecurity risk

Learn how our discovery tools, asset inventories, threat intelligence, and built-in workflows help security teams reduce risk.

Key capabilities

Proactively reduce risk to your organization with Defender Vulnerability Management.

Device inventory showing a list of computers and mobile phones in Microsoft 365 Defender.

Asset discovery and inventory

Detect risk across managed and unmanaged endpoints with built-in-modules and agentless scanners, even when devices aren’t connected to the corporate network.

Software inventory showing a list of applications in Microsoft 365 Security.

Continuous vulnerability and misconfiguration assessments

Eliminate periodic scans and access entity-level inventories of devices, software, digital certificates, and browser extensions.

A baseline compliance overview in Microsoft 365 Security.

Security baselines assessment

Continuously assess endpoints and customize profiles against Microsoft benchmarks and industry standards, including CIS and STIG.

A list of weaknesses and vulnerabilities found in Microsoft 365 Security.

Expert-level threat monitoring and analysis

Use Microsoft threat intelligence, breach likelihood analysis, business contexts, and endpoint assessments to understand and prioritize vulnerabilities.

A list of security recommendations in Microsoft 365 Security.

Prioritized security recommendations

Focus on threats that pose the highest risk with a single view of prioritized recommendations from multiple security feeds.

A list of remediation activities in Microsoft 365 Security.

Block vulnerable applications

Proactively block known vulnerable versions of apps or warn users with customized desktop alerts.

A list of blocked apps in Microsoft 365 Security.

Seamlessly remediate and track progress

Connect teams with built-in workflows and integrations. Track progress and trends in real time with remediation tracking and device reports.

Device inventory showing a list of computers and mobile phones in Microsoft 365 Defender.

Asset discovery and inventory

Detect risk across managed and unmanaged endpoints with built-in-modules and agentless scanners, even when devices aren’t connected to the corporate network.

Software inventory showing a list of applications in Microsoft 365 Security.

Continuous vulnerability and misconfiguration assessments

Eliminate periodic scans and access entity-level inventories of devices, software, digital certificates, and browser extensions.

A baseline compliance overview in Microsoft 365 Security.

Security baselines assessment

Continuously assess endpoints and customize profiles against Microsoft benchmarks and industry standards, including CIS and STIG.

A list of weaknesses and vulnerabilities found in Microsoft 365 Security.

Expert-level threat monitoring and analysis

Use Microsoft threat intelligence, breach likelihood analysis, business contexts, and endpoint assessments to understand and prioritize vulnerabilities.

A list of security recommendations in Microsoft 365 Security.

Prioritized security recommendations

Focus on threats that pose the highest risk with a single view of prioritized recommendations from multiple security feeds.

A list of remediation activities in Microsoft 365 Security.

Block vulnerable applications

Proactively block known vulnerable versions of apps or warn users with customized desktop alerts.

A list of blocked apps in Microsoft 365 Security.

Seamlessly remediate and track progress

Connect teams with built-in workflows and integrations. Track progress and trends in real time with remediation tracking and device reports.

Compare flexible purchase options

Explore the comprehensive capabilities in Defender Vulnerability Management and in the Defender Vulnerability Management premium add-on for Defender for Endpoint Plan 2 customers.

New

Microsoft Defender Vulnerability Management

Learn more

Get the full set of vulnerability management capabilities in Defender for Endpoint Plan 2 and new advanced tools, including security baselines assessment, certificate and plug-in assessments, and blocking of vulnerable apps.

Key Features

  • Unified security tools and centralized management
  • Discovery of unmanaged and managed devices
  • Inventory of managed devices
  • Inventory of network devices
  • Security baselines assessment
  • Authenticated scans for Windows devices
  • Browser plug-ins assessment
  • Digital certificates assessment
  • Network shares analysis
  • Block vulnerable applications
  • Vulnerability assessment
  • Configuration assessment
  • Continuous monitoring
  • Threat analytics and threat intelligence
  • Risk-based prioritization
  • Remediation tracking

New

Microsoft Defender Vulnerability Management add-on

Try for free

Defender for Endpoint Plan 2 customers get advanced tools, including security baselines assessment, certificate and plug-in assessments, and blocking of vulnerable apps.

Key Features

  • Unified security tools and centralized management
  • Discovery of unmanaged and managed devices
  • Inventory of managed devices
  • Inventory of network devices
  • Security baselines assessment
  • Authenticated scans for Windows devices
  • Browser plug-ins assessment
  • Digital certificates assessment
  • Network shares assessment
  • Block vulnerable applications

Related products

Microsoft Defender for Endpoint

Defender for Endpoint delivers leading endpoint security to rapidly stop attacks, scale your security resources, and evolve your defenses.

Learn more

Microsoft Secure Score

Microsoft Secure Score provides visibility, assessment, and intelligent guidance to strengthen your security.

Learn more

Microsoft Defender for Servers

Defender for Servers is a workload protection plan that provides advanced threat protection for servers running in Azure, AWS, GCP, and on premises.

Learn more

Documentation and latest updates

Defender Vulnerability Management documentation

Learn about each capability in depth and how it can help you protect your organization.

Learn more

Download the solution brief

Explore how Defender Vulnerability Management helps discover, assess, and remediate risk.

Download

Latest updates

Learn about the latest innovations in vulnerability management from Microsoft.

Read the blogs

Get started

Explore all modern vulnerability management capabilities from Microsoft with a free trial.

Learn more
Contact us

Defender Vulnerability Management delivers asset visibility, intelligent assessments, and built-in remediation tools for Windows, macOS, Linux, Android, iOS, and network devices to prioritize and address critical vulnerabilities and misconfigurations across your organization. It provides continuous monitoring and alerts through the agent-based module built into devices and authenticated scanning. Using Microsoft threat intelligence, breach likelihood predictions, business contexts, and device assessments. Defender Vulnerability Management rapidly and continuously prioritizes the biggest vulnerabilities on your most critical assets and provides security recommendations to mitigate risk. Automated remediation tools, built-in workflows, and real-time measurements through your organization’s exposure score, Microsoft Secure Score for Devices, and security baselines assessment empower teams to bridge workflow gaps, quickly reduce risk, and track progress across the organization.