Ensure that your devices:
- Are onboarded to Microsoft Defender for Endpoint
- Run supported operating systems and platforms
- Have the following mandatory updates installed and deployed in your network to boost your vulnerability assessment detection rates:
- Are onboarded to Microsoft Intune and Microsoft Endpoint Configuration Manager to help remediate threats found by threat and vulnerability management. If you’re using Configuration Manager, update your console to the latest version.
If you have the Intune connection enabled, you get an option to create an Intune security task when creating a remediation request. This option does not appear if the connection is not set.
- Have at least one security recommendation that can be viewed in the device page
- Are tagged or marked as co-managed
Relevant permission options
- Log in to Microsoft 365 Defender portal using account with a Security administrator or Global administrator role assigned.
- In the navigation pane, select Settings > Endpoints > Roles.
For more information, see Create and manage roles for role-based access control.
- Security operations – View all security operations data in the portal
- Threat and vulnerability management – View threat and vulnerability management data in the portal
Active remediation actions
- Security operations – Take response actions, approve or dismiss pending remediation actions, manage allowed/blocked lists for automation and indicators
- Threat and vulnerability management – Exception handling – Create new exceptions and manage active exceptions
- Threat and vulnerability management – Remediation handling – Submit new remediation requests, create tickets, and manage existing remediation activities
For more information, see RBAC permission options