Something I thought id share with the wider community as more then likely most people wont be aware of this, or will have a different vulnerability notification avenue that they use to get there notifications.
This feature is baked into Microsoft Defender, its simple but is effective if you want to keep up to date with the latest threats out there. It also serves as a verification that Microsoft are onto it with releasing the latest patches/fixes and anti-virus definitions
Within Microsoft 365 Defender you have the ability to receive email based vulnerability notifications, incase you don't look at the portal everyday or you are a security manager wanting to keep an eye on the latest threats. Follow these steps
Log into Microsoft 365 Defender
Select Settings > Endpoints > Email Notifications
In Notifications select the vulnerabilities tab and click "Add notification rule"
Give you new notification a name and description
Select all that make sense to what you want to be notified on, I've selected only the High Severity threshold
Select Exploit was verified
New Public exploit (Because I want to see any new Zero-Days)
Click Next
Add in your recipients
Click Next and review your settings
Click Submit
The Notifications section can be really powerful for both alerts and vulnerabilities. Remember to make it work for you and your requirements
For further information around this, check out the below links
Comments