Microsoft Defender Vulnerability Management

Security baseline assessment

  • Go to Baseline assessment
  • Go to Profiles
  • Select Create
  • Name & description
  • Software (Windows version), Base benchmark (CIS or STIG), Compliance level (e.g. level 1, level 2, etc.)
  • Add configuration settings (password policy, account lockout policy, etc.)
  • Devices (all device groups or selected device group(s) including tags option)
  • Review and submit

Block vulnerable applications

  • Go to Vulnerability management > Recommendations
  • Select a security recommendations (type update non-Microsoft software) and select Request remediation.
    If remediation request & remediation action is not available: (1) Microsoft application, (2) Operating systems, (3) apps for MacOS or Linux and (4) not enough information available.
  • Device scope (all device groups or selected device groups)
  • Remediation request (software update (recommended), software uninstall, remediation due date, etc.)
  • Remediation action (None, Warn or Block)
  • Review and finish

Browser extensions

  • Go to Vulnerability management > Software inventory
  • Select Browser extensions

Digital certificate assessment

  • Go to Vulnerability management > Software inventory
  • Select Certificates

Network share analysis

  • Go to Vulnerability management > Recommendations
  • Select Filters and choose Related component > OS > Shares
  • Disallow offline access to shares
  • Remove share write permissions set to ‘Everyone’
  • Remove shares from the root folder

--

--

--

Chief Technology Officer @ Nedscaper

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Announcing Our Investment In Uplevel Security

My first attack (De-auth attack)

Zenlink tutorial — next generation of DEX on polkadot

Register now to become a DeFiFarms ambassador

Recover password for TP-Link TL-WR841N router

Mound Weekly Bulletin — Aug 3rd 2021

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Derk van der Woude

Derk van der Woude

Chief Technology Officer @ Nedscaper

More from Medium

Threat hunting in light of the claimed breach of OKTA

Splunk Enterprise — Q&A — 2

Your Own Free Security Incident Response Platform in Minutes

Let’s Create an Incident Response Plan