As part of the October update, Azure Defender is now integrated with Microsoft Threat and Vulnerability Management (TVM) which is now in public preview!
This is an amazing set of features which we are so pumped to tell you more about! Here’s a simple breakdown of the new release in preview as of 06/10/2021:
Software Inventory For Servers (in preview)
The asset inventory page now has a filter to display machines running specific 3rd party applications and even the version. This is for Azure Defender customers using the MDE integration and you can even query the software inventory data in Azure Resource Graph Explorer.
TVM Vulnerability Assessment For Servers (in preview)
The integration between Azure Defender for servers and Microsoft Defender for Endpoint has been extended for Azure Defender customers where you can now select TVM as the vulnerability assessment provider for servers, without additional installations. Discover vulnerabilities and misconfigurations in near real time with the MDE integration enabled. No agents or one-time scans and prioritised vulnerabilities based on your workload and the latest threat intel.
Onboarding At-Scale For Vulnerability Assessment (in preview)
Security Center’s auto provisioning page now includes the option to automatically enable a vulnerability assessment solution for those resources protected by Azure Defender for Servers. A conversation I hear all the time with our customers is around the time of investment of configuring enterprise grade environments and this is one of many ways we want to reduce that time to adoption and accelerate project progress to help you achieve your business objectives.
If you also have MDE enabled, you can choose from either the MTVM or integrated qualys agent.
Reduce your dependency on legacy and siloed 3rd party programs. Use native built-in functionality where possible to reduce your attack surface. Remove unnecessary administrative effort, especially for enterprise grade deployments.
See release notes for more details:
- Software inventory filters added to asset inventory (in preview)
- Microsoft Threat and Vulnerability Management added as vulnerability assessment solution (in preview)
- Vulnerability assessment solutions can now be auto enabled (in preview)
- Release notes for Azure Security Center | Microsoft Docs
Resource Credit: Aviv Mor + ASC team