For example, Microsoft Defender for Endpoint identifies that devices lack protection from Potentially Unwanted Applications (PUA). The Contoso Media player is an unmanaged app that was deployed with Intune, and there could be a security update or newer version of an application that resolves the issue.Ĭonfiguration – Vulnerabilities or risks in your environment can be mitigated through use of Intune endpoint security policies. For example, Microsoft Defender for Endpoint identifies a vulnerability for an app named Contoso Media Player v4, and an admin creates a security task to update that app. When a task is accepted, the Intune admin then acts to remediate the vulnerability through Intune, using the guidance provided as part of the security task.Įach task is identified by a Remediation Type:Īpplication – An application is identified that has a vulnerability or issue you can mitigate with Intune. The Intune admin chooses to accept or reject the task. The security task identifies the type of vulnerability, priority, status, and the steps to take to remediate the vulnerability. The security tasks are immediately passed to the Microsoft Intune admin center where Intune admins can view them. The admins then use a few clicks to create security tasks that flag the vulnerable devices for remediation. In the Microsoft Defender Security Center console, Defender for Endpoint security admins review data about endpoint vulnerabilities. Not all issues that Defender for Endpoint flags for remediation support remediation through the creation of a security task for Intune.They're based on Microsoft Defender for Endpoint configurations and scan details.
Vulnerabilities that are discovered aren't based on configurations from Intune.How integration worksĪfter you connect Intune to Microsoft Defender for Endpoint, Defender for Endpoint receives threat and vulnerability details from managed devices. Threat & Vulnerability Management is part of Microsoft Defender for Endpoint. This integration brings a risk-based approach to the discovery and prioritization of vulnerabilities that can improve remediation response time across your environment. When you integrate Intune with Microsoft Defender for Endpoint, you can take advantage of Defender for Endpoint's threat and vulnerability management and use Intune to remediate endpoint weakness identified by Defender's vulnerability management capability.
0 kommentar(er)
