Prioritize and remediate vulnerabilities
With vulnerability management, Microsoft Defender for IoT in the Defender portal provides extended coverage for operational technology (OT) networks, gathers OT device data into one place, and displays the data with the other devices on your network.
In this article, you learn how to investigate vulnerabilities and take recommended remediation actions.
Learn more about how Defender for IoT discovers vulnerabilities.
Important
This article discusses Microsoft Defender for IoT in the Defender portal (Preview).
If you're an existing customer working on the classic Defender for IoT portal (Azure portal), see the Defender for IoT on Azure documentation.
Learn more about the Defender for IoT management portals.
Some information in this article relates to a prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, expressed or implied, with respect to the information provided here.
Investigate vulnerabilities
In the Defender portal, select Endpoints > Vulnerability management > Weaknesses.
Set filter settings as you need them. If device groups are created for your sites, you can use them filter the weaknesses page.
- Select Filter by device groups.
- Select a device group.
- Select Apply.
Select a Common Vulnerabilities and Exposures (CVE) ID.
A side panel opens with the CVE ID as the title, and the Vulnerability details tab visible. You can also select the Exposed devices and Affected software tabs.
Select Go to related security recommendation.
The Security recommendations page opens, filtered to show the CVE you're investigating.
Select a recommendation. A side panel opens. Do one of the following:
- Select Request remediation and follow the Request remediation instructions. This sends a request to the relevant team to perform the remediation.
- Select Exception options and fill in the details. For more information, see justification for an exception. To complete, select Submit.