Microsoft’s Threat and Vulnerability Management (TVM) suite allows organizations to improve security configurations of their devices. It offers insights to discover threats, automatically prioritizes issues, and allows companies to remediate vulnerabilities seamlessly. Previously, these capabilities were only available on Windows and macOS, but Microsoft has now extended support to Linux as well.
Currently supported Linux operating systems include RHEL, CentOS, and Ubuntu. Support will be rolling out for Oracle Linux, SUSE, and Debian soon as well.
TVM capabilities can be directly managed from Microsoft Defender for Endpoint. Furthermore, its APIs can be called to get access to the underlying dataset which includes vulnerability assessments and software inventory, among other things. This also means that security partners can utilize these APIs to get access to this data and build their own custom solutions.
Microsoft went on to say that:
As a hybrid workforce becomes the new normal and organizations continue to face new security challenges, Microsoft Threat and Vulnerability Management enables better insight into organizational risk and the overall security posture of their devices. With a focus on broad platform support and interoperability, we are committed to providing customers with the flexibility and coverage they need to detect vulnerabilities and misconfigurations early on and make remediation simple.
Apart from general availability of TVM for Linux, the secure configuration assessment component is now also in public preview for macOS and Linux. It was only available on Windows and Windows Server devices previously. You can find out more about it here.
In terms of next steps, Microsoft says that it plans to improve the interoperability of its TVM solution by partnering with other integration and solution providers. Additionally, support for TVM on Android and iOS is also expected “later this summer”, although we don’t have a firm release date as of yet.