Microsoft Defender Vulnerability Management Adds 'Authenticated Scan for Windows' Capability

Microsoft this week announced that its Microsoft Defender Vulnerability Management solution can now scan Windows devices that lack certain agent support.

This capability, called "authenticated scan for Windows," lets organizations "get complete vulnerability assessment coverage without reliance on an agent." It'll work for Windows devices that don't have, or can't deploy, the "Defender Vulnerability Management or Defender for Endpoint agent." Devices running older versions of Windows may not be able to install those agents, the announcement explained.

Authenticated scan for Windows also enables Microsoft Defender Vulnerability Management to target unmanaged Windows devices for regular scans, according to this Microsoft document.

The authenticated scan for Windows feature is set up using the Microsoft 365 Defender Portal. While this capability doesn't depend on agents installed on devices, it does require setting up a "scanner device" using a Group Managed Service Account. Those setup details are fairly complex, as described in Microsoft's document.

Microsoft Defender Vulnerability Management remains at the preview stage, where it has been since its initial preview release back in May. It's billed by Microsoft as "a single solution offering the full set of Microsoft's vulnerability management capabilities." It's designed to protect against threats to Windows, Linux, macOS, Android and iOS devices.

Microsoft has been adding new capabilities to the Microsoft Defender Vulnerability Management product. In June, Microsoft added the ability for the product to determine when software lacks fixes for reported common vulnerabilities and exposures (CVEs). In November, Microsoft announced that Microsoft Defender Vulnerability Management had the ability to detect firmware vulnerabilities, too.

Microsoft has already described the future pricing for the Microsoft Defender Vulnerability Management product. When launched, it'll be offered as a new "standalone" product and add-on option for E5 customers and Microsoft Defender for Endpoint Plan 2 subscribers.

This product is an example of Microsoft's somewhat new add-on approach for its security products. Top-of-the-line E5 subscribers will have to pay extra for some new product innovations, if wanted, via add-on purchases.

About the Author

Kurt Mackie is senior news producer for 1105 Media's Converge360 group.

