Certainly! To view vulnerability assessment findings and remediate identified vulnerabilities in Azure, you can follow these steps:
- View Vulnerability Assessment Findings:
- From Defender for Cloud's menu, open the Recommendations page.
- Select the recommendation "Machines should have vulnerability findings resolved".
- Defender for Cloud will show you all the findings for all VMs in the currently selected subscriptions, ordered by severity.
- To filter the findings by a specific VM, open the "Affected resources" section and select the VM of interest.
- You can also select a VM from the resource health view to see all relevant recommendations for that resource.
- To learn more about a specific vulnerability, select it. The details pane provides extensive information, including links to relevant CVEs, remediation steps, and more.
- Export Vulnerability Assessment Results:
- Use Azure Resource Graph (ARG) to export assessment results to a CSV file:
- In the Azure Portal, go to Resource Graph Explorer.
- Type the following query:
securityresources | where type == "microsoft.security/assessments" | where * contains "vulnerabilities in your virtual machines" | summarize by assessmentKey=name | join kind=inner ( securityresources | where type == "microsoft.security/assessments/subassessments" | extend assessmentKey = extract(".*assessments/(.+?)/.*", 1, id) ) on assessmentKey | project assessmentKey, subassessmentKey=name, id, parse_json(properties), resourceGroup, subscriptionId, tenantId | extend description = properties.description, displayName = properties.displayName, resourceId = properties.resourceDetails.id, resourceSource = properties.resourceDetails.source, category = properties.category, severity = properties.status.severity, code = properties.status.code, timeGenerated = properties.timeGenerated, remediation = properties.remediation, impact = properties.impact, vulnId = properties.id, additionalData = properties.additionalData
- Click Run Query and then Download as CSV to access the exported data.
- Use Azure Resource Graph (ARG) to export assessment results to a CSV file: