Microsoft Threat & Vulnerability Management (TVM), a built-in capability in Microsoft Defender Advanced Threat Protection, is now generally available.
TVM helps organizations identify, prioritize and remediate endpoint vulnerabilities and misconfigurations, according to Microsoft. It offers continuous discovery of vulnerabilities and misconfigurations, along with prioritization based on business context and threat landscape.
Furthermore, TVM provides machine-level context during incident investigations, Microsoft indicated. TVM also delivers real-time endpoint detection and response (EDR) insights correlated with endpoint vulnerabilities.
How Does TVM Work?
TVM uses two metrics to help organizations identify and eliminate cyber threats: exposure score and configuration score. Exposure score measures current exposure associated with devices in an organization based on vulnerabilities, threats and business context; comparatively, configuration score reflects the security posture of an organization's devices based on security best practices.
TVM also provides real-time exposure and configuration score visualizations. In doing so, TVM helps organizations continuously assess their exposure and configuration scores based on environmental changes.
What Does TVM Mean for MSSPs?
MSSPs can leverage TVM to capitalize on the rising demand for threat and vulnerability management solutions among global organizations.
Global security and vulnerability market revenues are projected to increase at a compound annual growth rate (CAGR) of 9.3 percent between 2018 and 2026, according to industry analyst Research and Markets. These revenues also could total nearly $13.7 billion by 2026.