Compare Microsoft Defender Vulnerability Management plans and capabilities

Important

Some information in this article relates to prereleased products/services that might be substantially modified before they are commercially released. Microsoft makes no warranties, express or implied, for the information provided here.

This article helps clarify the Defender Vulnerability Management capabilities included in:

Start a trial

Vulnerability Management capabilities for endpoints

The table below shows the availability of Defender Vulnerability Management capabilities for endpoints:

Capability Defender for Endpoint Plan 2 includes the following core Defender Vulnerability Management capabilities Defender Vulnerability Management Add-on provides the following premium Vulnerability Management capabilities for Defender for Endpoint Plan 2 Defender Vulnerability Management Standalone (Public Preview) provides full Defender Vulnerability Management capabilities for any EDR solution
Device discovery -
Device inventory -
Vulnerability assessment -
Configuration assessment -
Risk based prioritization -
Remediation tracking -
Continuous monitoring -
Software inventory -
Software usages insights -
Security baselines assessment -
Block vulnerable applications -
Browser extensions assessment -
Digital certificate assessment -
Network share analysis -
Hardware and firmware assessment -
Authenticated scan for Windows -

Note

Microsoft 365 Business Premium and the standalone version of Microsoft Defender for Business include the capabilities that are listed under Defender for Endpoint Plan 2 in the preceding table.

Vulnerability Management capabilities for servers

For Microsoft Defender for Cloud customers, Defender Vulnerability Management is natively integrated within Defender for Cloud to perform vulnerability assessments for cloud based virtual machines and recommendations will automatically populate in the Defender for Cloud portal.

Microsoft Defender for Servers Plan 2 includes access to the premium vulnerability management capabilities that are part of the Defender Vulnerability Management add-on. The capabilities are only available through the Microsoft Defender 365 portal.

Note

Premium Defender Vulnerability Management capabilities are currently enabled for all client devices across Defender for Cloud tenants with Defender for Servers Plan 2 subscription.

From March 15, 2023, we will begin to gradually roll out an update where premium vulnerability management capabilities will no longer be automatically enabled across tenants and will only be available for client devices eligible for the Defender Vulnerability Management add-on.

To start or continue using the premium vulnerability management capabilities for your client devices, see Try Defender Vulnerability Management Add-on trial for Defender for Endpoint Plan 2 customers.

The table below shows the availability of Defender Vulnerability Management capabilities across the Defender for Servers plans.

Capability Defender For Servers Plan 1 Defender For Servers Plan 2
Vulnerability assessment
Configuration assessment
Risk based prioritization
Remediation tracking
Continuous monitoring
Software inventory
Software usages insights
Security baselines assessment -
Block vulnerable applications - -*
Browser extensions assessment -
Digital certificate assessment -
Network share analysis -
Hardware and firmware assessment -
Authenticated scan for Windows -

*Block vulnerable applications is not currently available for Microsoft Defender for Servers Plan 2. This feature is available for client devices that are eligible for the Defender Vulnerability Management add-on.

Next steps