Assign device value

Applies to:

Important

Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.

Note

Want to experience Microsoft Defender Vulnerability Management? Learn more about how you can sign up to the Microsoft Defender Vulnerability Management public preview trial.

Defining a device's value helps you differentiate between asset priorities. The device value is used to incorporate the risk appetite of an individual asset into the Defender Vulnerability Management exposure score calculation. Devices assigned as "high value" will receive more weight.

You can also use the set device value API.

Device value options:

  • Low
  • Normal (Default)
  • High

Examples of devices that should be assigned a high value:

  • Domain controllers, Active Directory
  • Internet facing devices
  • VIP devices
  • Devices hosting internal/external production services

Choose device value

  1. Navigate to any device page, the easiest place is from the device inventory.

  2. Select Device value from three dots next to the actions bar at the top of the page.

The Device value option

  1. A flyout will appear with the current device value and what it means. Review the value of the device and choose the one that best fits your device.

The Device value page

How device value impacts your exposure score

The exposure score is a weighted average across all devices. If you have device groups, you can also filter the score by device group.

  • Normal devices have a weight of 1
  • Low value devices have a weight of 0.75
  • High value devices have a weight of NumberOfAssets / 10.
    • If you have 100 devices, each high value device will have a weight of 10 (100/10)