New Threat & Vulnerability Management capabilities in Defender ATP

Microsoft announces the following new capabilities that will go into public preview this month:

• Vulnerability Assessment (VA) support for Windows Servers 2008 R2 and above
• Integration with ServiceNow for improved IT/Security communication
• Advanced hunting across vulnerabilities and security alerts
• Role-based access controls (RBAC) for teams focusing on vulnerability management
• Automated user-impact analysis

The ServiceNow integration is very easy. Just follow the guide in the settings tab

This feature provides one-click remediation request via Service Now to other IT teams.

TVM capabilities – Let’s use in hunting 🙂

RBAC – more granular control

Happy Hunting!