draft2

Author: tarTech23

articles/defender-for-iot/organizations/vulnerability-management.md

@@ -12,5 +12,16 @@ With vulnerability management, Microsoft Defender for IoT in the Defender portal
 
 The OT security administrator proactively manages network exposure based on the vulnerability details and recommended remediation actions.
 
+## Vulnerabilities in the device inventory
 
+The device inventory displays the current vulnerabiltiies specific to each device. For more information, see [device inventory](how-to-manage-device-inventory-for-organizations.md#view-full-device-details).
 
+Displays current vulnerabilities specific to the device. Defender for IoT provides vulnerability coverage for [supported OT vendors](resources-manage-proprietary-protocols.md) where Defender for IoT can detect firmware models and firmware versions.<br><br>Vulnerability data is based on the repository of standards-based vulnerability data documented in the US government National Vulnerability Database (NVD). Select the CVE name to see the CVE details and description. <br><br>**Tip**: View vulnerability data across your network with the [Defender for IoT Vulnerability workbook](workbooks.md#view-workbooks).
+
+## Vulnerability management workbook
+
+Data about the vulnerabilities detected on OT devices is available using the **Vulnerabilities** workbook. For more information, see [view workbooks](workbooks.md#view-workbooks).
+
+## Vulnerability based security recommendations
+
+OT devices listed in the Device inventory will suggest security recommendations for any critically severe vulnerability detected on it. The vulnerability recommendation is called **Secure your vulnerable <vendor> devices**. The recommendations are based on the device vendor or CISA (Cybersecurity & Infrastructure Agency) and will list the remediation steps needed to secury the network. For more information, see [supported security recommendations](recommendations.md#supported-security-recommendations).