What pre-built role to read the Microsoft Defender for Endpoint and vulnerabilities

HazyBazy 0 Reputation points
2024-06-14T09:00:48.3333333+00:00

what pre-built role (in intune or Entra ID) can be assigned to read the Microsoft Defender for Endpoint and vulnerabilities, Global Reader and Security Reader can only Read Defender for Identity or Defender for cloud but for some reason can't access to Defender for Endpoint

Azure Role-based access control
Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
715 questions
Microsoft Defender for Endpoint Training
Microsoft Defender for Endpoint Training
Microsoft Defender for Endpoint: A Microsoft unified security platform for preventative protection, postbreach detection, and automated investigation and response. Previously known as Microsoft Defender Advanced Threat Protection.Training: Instruction to develop new skills.
28 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Marilee Turscak-MSFT 36,246 Reputation points Microsoft Employee
    2024-06-17T22:01:47.87+00:00

    Hi @HazyBazy ,

    For full access you can assign the Global Administrator or Security Administrator roles, since the Security Reader role does not have access to view machines or device inventory. (This is also documented here.) To read the Defender for Endpoint vulnerabilities through a custom role, the account needs to have Vulnerability.Read permissions.

    Permission type Permission Permission display name
    Application Vulnerability.Read.All 'Read Threat and Vulnerability Management vulnerability information'
    Application Vulnerability.Read.All 'Read Threat and Vulnerability Management vulnerability information'
    Delegated (work or school account) Vulnerability.Read 'Read Threat and Vulnerability Management vulnerability information'

    If the information helped you, please Accept the answer. This will help us and improve searchability for others in the community who may be researching similar questions.