What Defender Vulnerability Management Does
Microsoft Defender Vulnerability Management builds on the core vulnerability detection capabilities within Microsoft Defender for Endpoint. It adds features like security baseline assessments, detailed browser extension vulnerability reporting, a centralised certificate inventory, network share vulnerability scans, and hardware/firmware asset discovery. A key differentiator is the Microsoft Exposure Score, which provides a consolidated view of risk across your environment, helping to prioritise remediation efforts.
Defender Vulnerability Management in Australian Tenants Today
For AU mid-market organisations, DVM is vital for meeting obligations under the ACSC Essential Eight Maturity Levels 1 and 2, particularly regarding timely patching. Critical vulnerabilities require remediation within 48 hours, while high-severity vulnerabilities need addressing within two weeks. DVM’s prioritisation aligns with the ACSC monthly advisory cycle, ensuring focus on the most pressing threats. An alternative approach is Defender for Endpoint Plan 2 combined with DVM as a standalone licence, offering flexibility in your Microsoft 365 security stack.