How to generate a monthly Defender ATP Threat and Vulnerability Report

Just recently Microsoft announced that the Defender ATP advanced hunting schema was extended with the following tables: DeviceTvmSoftwareInventoryVulnerabilities DeviceTvmSoftwareVulnerabilitiesKB DeviceTvmSecureConfigurationAssessment DeviceTvmSecureConfigurationAssessmentKB This allows us to run advanced hunting queries to find and extract Defender ATP TVM data. View the code on Gist. Now the people in your organization who are responsible for threat and vulnerability management might not necessarily have the knowledge of using the advanced hunting query language or are provided access to the Read More …