You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: memdocs/intune/protect/atp-manage-vulnerabilities.md
+9-5Lines changed: 9 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -2,12 +2,12 @@
2
2
# required metadata
3
3
4
4
title: Use Intune to remediate vulnerabilities found by Microsoft Defender for Endpoint
5
-
description: See how to manage security tasks from and Threat & vulnerability Management, part of Microsoft Defender for Endpoint from within the Intune console.
5
+
description: See how to manage security tasks from and Threat & vulnerability Management, part of Microsoft Defender for Endpoint from within the Intune console.
6
6
keywords:
7
7
author: brenduns
8
8
ms.author: brenduns
9
9
manager: dougeby
10
-
ms.date: 05/01/2021
10
+
ms.date: 11/30/2021
11
11
ms.topic: how-to
12
12
ms.service: microsoft-intune
13
13
ms.subservice: protect
@@ -40,7 +40,7 @@ After you connect Intune to Microsoft Defender for Endpoint, Defender for Endpoi
40
40
- Vulnerabilities that are discovered are not based on configurations from Intune. They are based on Microsoft Defender for Endpoint configurations and scan details.
41
41
- Only issues that can be remediated by Intune are raised as security tasks for Intune.
42
42
43
-
In the Microsoft Defender Security Center console, Defender for Endpoint security admins review data about endpoint vulnerabilities. The admins then use a single-click to create security tasks that flag the vulnerable devices for remediation. The security tasks are immediately passed to the Intune console where Intune admins can view them. The security task identifies the type of vulnerability, priority, status, and the steps to take to remediate the vulnerability. The Intune admin chooses to accept or reject the task.
43
+
In the Microsoft Defender Security Center console, Defender for Endpoint security admins review data about endpoint vulnerabilities. The admins then use a a few clicks to create security tasks that flag the vulnerable devices for remediation. The security tasks are immediately passed to the Microsoft Endpoint Manager admin center where Intune admins can view them. The security task identifies the type of vulnerability, priority, status, and the steps to take to remediate the vulnerability. The Intune admin chooses to accept or reject the task.
44
44
45
45
When a task is accepted, the Intune admin then acts to remediate the vulnerability through Intune, using the guidance provided as part of the security task.
46
46
@@ -76,7 +76,7 @@ Following is an example workflow for an application. This same general workflow
76
76
77
77
Because the media player in this example isn't a managed app, Intune can only provide text instructions. If the app was managed, Intune could provide instructions to download an updated version, and provide a link to open the deployment for the app so that the updated files can be added to the deployment.
78
78
79
-
- After completing the remediation, the Intune admin opens the security task and selects **Complete Task**. The remediation status is updated for Intune and in Defender for Endpoint, where security admins confirm the revised status for the vulnerability.
79
+
- After completing the remediation, the Intune admin opens the security task and selects **Complete Task**. The remediation status is updated for Intune and in Defender for Endpoint, where security admins confirm the revised status for the vulnerability.
80
80
81
81
## Prerequisites
82
82
@@ -94,6 +94,10 @@ Following is an example workflow for an application. This same general workflow
94
94
95
95
## Work with security tasks
96
96
97
+
Before you can work with security tasks, they must be created from within the Defender Security Center. For information on using the Microsoft Defender Security Center to create security tasks, see [Remediate vulnerabilities with threat and vulnerability management](/microsoft-365/security/defender-endpoint/tvm-remediation?view=o365-worldwide#request-remediation) in the Defender for Endpoint documentation.
98
+
99
+
To manage security tasks:
100
+
97
101
1. Sign in to the [Microsoft Endpoint Manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431).
@@ -113,7 +117,7 @@ Following is an example workflow for an application. This same general workflow
113
117
114
118
When it's possible to do so, the remediation instructions include links that open the relevant configuration objects in the Intune console.
115
119
116
-
6. After completing the remediation steps, open the security task and select **Complete Task**. This action updates the security task status in both Intune and Defender for Endpoint.
120
+
6. After completing the remediation steps, open the security task and select **Complete Task**. This action updates the security task status in both Intune and Defender for Endpoint.
117
121
118
122
After remediation is successful, the risk exposure score in Microsoft Defender for Endpoint can drop, based on new information from the remediated devices.
0 commit comments