DGM. Technical Security at a tech services company with 1,001-5,000 employees
Reseller
Top 5
2025-05-16T09:09:48Z
May 16, 2025
I have not thought about improvements for Microsoft Defender Vulnerability Management as of now, but this is typically an operational maintenance process. The operational maintenance process refers to these products being part of day-to-day operations. Threats keep coming almost daily, and we need to run it, prioritize the risk, and apply the patches. I am not able to think of many features for improvement at this point in time. There should be risk scoring added to Microsoft Defender Vulnerability Management; specifically, they call it quantification of the risk. If they can provide peer site reviews or risk scoring, such as how my organization in the healthcare industry fares against my peers on average, it would be valuable information. This scoring should be for specific industries as well. If I belong to the healthcare industry using Microsoft Defender Vulnerability Management, it should provide me with a risk score and show how I fare against the risk score of my industry. If there are guidelines or insights on this, it will compel customers to reduce risk levels or improve their risk scores. The application block capabilities in Microsoft Defender Vulnerability Management are effective and up to the standards, as everybody is looking at open OSINT and open-source security packages. I think on CV scoring, they are aligned with the industry.
For our current usage, we do not have any complaints, but a potential improvement could be the introduction of a more advanced AI agent, possibly a large language model with better performance than the existing Microsoft Copilot.
The automated remediations can be more specific. However, the score and recommendation aspects are good. Currently, I do not see any significant challenges.
The constant changes in the product configuration or the console setup can sometimes be challenging. They can be disruptive because we need to adjust to these changes, which can interfere with ongoing tasks.
Learn what your peers think about Microsoft Defender Vulnerability Management. Get advice and tips from experienced pros sharing their opinions. Updated: June 2025.
My company works closely with Microsoft, and we have requested a few additional features to be incorporated into the product since there are some shortcomings in the product. The setup phase of the product is not that easy and needs a person to have a certain level of expertise. The aforementioned area can be considered for improvement.
Integration can be improved. A substantial percentage of users operate on Windows 10, and Microsoft is urging the transition to Windows 11. Applications like Teams and Security CoPilot are stable on both platforms, but the full potential may be realized on Windows 11, which becomes more relevant as more users adopt it in the coming years.
Principal Consultant Cyber Security at a computer software company with 501-1,000 employees
Consultant
Top 10
2023-08-02T02:53:00Z
Aug 2, 2023
A few false positives demand legitimate customer mail requests, but the Defender flags them as vulnerabilities. They should be reduced. Along with it, small and medium enterprises should have customized environmental query features to help them save time. It will benefit organizations that don't have a large team with more technical experience. Additionally, it is challenging to extract and customize reports from the system. Customers typically seek reports that provide information on assets, vulnerabilities, CVSS scores, remediation, priority, and effort. Combining all this data into a single report is difficult because it requires merging information extracted from standard queries. To simplify this process, we should be able to create one customized query that concatenates all the relevant queries and make it accessible through GUI on the platform.
Microsoft Defender Vulnerability Management enables organizations to identify vulnerabilities, manage patches, and fortify threat detection. It offers endpoint assessments, cloud incident management, and dynamic security through Microsoft's Security Scorecard integration.Organizations leverage Microsoft Defender Vulnerability Management for advanced threat detection and response. It provides robust tools for vulnerability assessment and cloud incident management, integrated with Microsoft's...
I have not thought about improvements for Microsoft Defender Vulnerability Management as of now, but this is typically an operational maintenance process. The operational maintenance process refers to these products being part of day-to-day operations. Threats keep coming almost daily, and we need to run it, prioritize the risk, and apply the patches. I am not able to think of many features for improvement at this point in time. There should be risk scoring added to Microsoft Defender Vulnerability Management; specifically, they call it quantification of the risk. If they can provide peer site reviews or risk scoring, such as how my organization in the healthcare industry fares against my peers on average, it would be valuable information. This scoring should be for specific industries as well. If I belong to the healthcare industry using Microsoft Defender Vulnerability Management, it should provide me with a risk score and show how I fare against the risk score of my industry. If there are guidelines or insights on this, it will compel customers to reduce risk levels or improve their risk scores. The application block capabilities in Microsoft Defender Vulnerability Management are effective and up to the standards, as everybody is looking at open OSINT and open-source security packages. I think on CV scoring, they are aligned with the industry.
For our current usage, we do not have any complaints, but a potential improvement could be the introduction of a more advanced AI agent, possibly a large language model with better performance than the existing Microsoft Copilot.
Probably my only criticism would be the cost. It is expensive.
The automated remediations can be more specific. However, the score and recommendation aspects are good. Currently, I do not see any significant challenges.
The constant changes in the product configuration or the console setup can sometimes be challenging. They can be disruptive because we need to adjust to these changes, which can interfere with ongoing tasks.
The product must be a little bit more precise in identifying vulnerabilities.
My company works closely with Microsoft, and we have requested a few additional features to be incorporated into the product since there are some shortcomings in the product. The setup phase of the product is not that easy and needs a person to have a certain level of expertise. The aforementioned area can be considered for improvement.
Integration can be improved. A substantial percentage of users operate on Windows 10, and Microsoft is urging the transition to Windows 11. Applications like Teams and Security CoPilot are stable on both platforms, but the full potential may be realized on Windows 11, which becomes more relevant as more users adopt it in the coming years.
The general support could be improved.
A few false positives demand legitimate customer mail requests, but the Defender flags them as vulnerabilities. They should be reduced. Along with it, small and medium enterprises should have customized environmental query features to help them save time. It will benefit organizations that don't have a large team with more technical experience. Additionally, it is challenging to extract and customize reports from the system. Customers typically seek reports that provide information on assets, vulnerabilities, CVSS scores, remediation, priority, and effort. Combining all this data into a single report is difficult because it requires merging information extracted from standard queries. To simplify this process, we should be able to create one customized query that concatenates all the relevant queries and make it accessible through GUI on the platform.