Automatically configure vulnerability assessment for your machines

Defender for Cloud collects data from your machines using agents and extensions. To save you the process of manually installing the extensions, such as the manual installation of the Log Analytics agent, Defender for Cloud reduces management overhead by installing all required extensions on existing and new machines. Learn more about monitoring components.

To assess your machines for vulnerabilities, you can use one of the following solutions:

• Microsoft Defender Vulnerability Management solution (included with Microsoft Defender for Servers)
• Built-in Qualys agent (included with Microsoft Defender for Servers)
• A Qualys or Rapid7 scanner that you've licensed separately and configured within Defender for Cloud (this scenario is called the Bring Your Own License, or BYOL, scenario)

Note

To automatically configure a BYOL solution, see Integrate security solutions in Microsoft Defender for Cloud.

Automatically enable a vulnerability assessment solution

1. From Defender for Cloud's menu, open Environment settings.

2. Select the relevant subscription.

3. In the Monitoring coverage column of the Defender for Servers plan, select Settings.

4. Turn on the Vulnerability assessment for machines and select the relevant solution.

   Tip

   If you select the "Microsoft Defender for Cloud built-in Qualys solution" solution, Defender for Cloud enables the following policy: Configure machines to receive a vulnerability assessment provider.

5. Select Apply and then select Save.

6. To view the findings for all supported vulnerability assessment solutions, see the Machines should have vulnerability findings resolved recommendation.

   Learn more in View and remediate findings from vulnerability assessment solutions on your machines.

Next steps

Remediate the discovered vulnerabilities

Defender for Cloud also offers vulnerability assessment for your:

• SQL databases - Explore vulnerability assessment reports in the vulnerability assessment dashboard
• Azure Container Registry images - Use Microsoft Defender for container registries to scan your images for vulnerabilities
• Amazon AWS Elastic Container Registry images - Use Microsoft Defender for container registries to scan your images for vulnerabilities