You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/security-center/built-in-vulnerability-assessment.md
+19-2Lines changed: 19 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -24,6 +24,23 @@ This feature is currently in preview.
24
24
> [!NOTE]
25
25
> Security Center supports the integration of tools from other vendors, but you'll need to handle the licensing costs, deployment, and configuration. For more information, see [Deploying a partner vulnerability scanning solution](partner-vulnerability-assessment.md). You can also use those instructions to integrate your organization's own Qualys license, if you choose not to use the built-in vulnerability scanner included with Azure Security Center.
26
26
27
+
28
+
## Overview of the integrated vulnerability scanner
29
+
30
+
The vulnerability scanner extension works as follows:
31
+
32
+
1. Azure Security Center deploys the Qualys extension to the selected virtual machine/s.
33
+
34
+
1. The extension conducts the vulnerability assessment and reports back to the Qualys cloud service in the defined region.
35
+
36
+
1. Qualys's cloud service then sends the findings to Azure Security Center.
37
+
38
+
1. The findings are available to you in Security Center.
39
+
40
+
[](media/built-in-vulnerability-assessment/va-vm-flow-diagram.png#lightbox)
41
+
42
+
43
+
27
44
## Deploying the Qualys built-in vulnerability scanner (Standard tier only)
28
45
29
46
The simplest way to scan your Azure-based virtual machines for vulnerabilities is to use the built-in vulnerability scanner.
@@ -72,7 +89,7 @@ To see the findings and remediate the identified vulnerability:
72
89
73
90
[](media/built-in-vulnerability-assessment/va-findings-all.png#lightbox)
74
91
75
-
1. To filter the findings by a specific VM, open the "Affected resources" section and click the VM that interests you. Alternatively, select a VM from the resource health view, and view all relevant recommendations for that resource.
92
+
1. To filter the findings by a specific VM, open the "Affected resources" section and click the VM that interests you. Or you can select a VM from the resource health view, and view all relevant recommendations for that resource.
76
93
77
94
Security Center shows the findings for that VM, ordered by severity.
78
95
@@ -161,7 +178,7 @@ When you open the recommendation, you'll see your VMs in one or more of the foll
161
178
The scanner is running on your virtual machine and looking for vulnerabilities of the VM itself. From the virtual machine, it can't scan your network.
162
179
163
180
### Does the scanner integrate with my existing Qualys console?
164
-
The Security Center extension is a separate tool from your existing Qualys scanner and, because of licensing restrictions, must be used within Azure Security Center.
181
+
The Security Center extension is a separate tool from your existing Qualys scanner. Licensing restrictions mean that it can only be used within Azure Security Center.
165
182
166
183
### Microsoft Defender Advanced Threat Protection also includes Threat & Vulnerability Management (TVM). How is the Security Center Vulnerability Assessment extension different?
167
184
Microsoft is actively developing world-class vulnerability management with Microsoft Defender ATP's Threat & Vulnerability Management solution, built into Windows.
0 commit comments