Select the software that you want to investigate. You can filter the list view based on weaknesses found in the software, threats associated with them, and tags like whether the software has reached end-of-support. The Software inventory page opens with a list of software installed in your network, including the vendor name, weaknesses found, threats associated with them, exposed devices, impact to exposure score, and tags. For example, for the best search results you'd write "windows_10" instead of "Windows 10". If you search for software using the Microsoft Defender for Endpoint global search, make sure to put an underscore instead of a space. View software on specific devices in the individual devices pages from the devices list. Navigate to the Software inventory pageĪccess the Software inventory page by selecting Software inventory from the threat and vulnerability management navigation menu in the Microsoft 365 Defender portal. It also provides a link to a Threat Analytics report soon as it's available. In fact, you'll see if a particular software is connected to a live threat campaign. The engine automatically grabs information from multiple security feeds. Since it's real time, in a matter of minutes, you'll see vulnerability information as they get discovered. In the field of discovery, we're leveraging the same set of signals that is responsible for detection and vulnerability assessment in Microsoft Defender for Endpoint detection and response capabilities. It also includes details such as the name of the vendor, number of weaknesses, threats, and number of exposed devices. Software products without an official CPE don't have vulnerabilities published. The software inventory in threat and vulnerability management is a list of known software in your organization with official Common Platform Enumerations (CPE).
Want to experience Defender for Endpoint? Sign up for a free trial. Software inventory - threat and vulnerability management