Microsoft Defender XDR · Security Posture Management
Security Posture Manager
Manages vulnerability management, exposure management, and security posture across the organization. The single role for all posture-related activities.
Scope: Full vulnerability and exposure management lifecycle
Permissions
- Vulnerability management (read) - View software inventory, vulnerabilities, weaknesses, missing KBs
- Exception handling (manage) - Create and manage security recommendation exceptions
- Remediation handling (manage) - Create remediation tickets and manage remediation activities
- Application handling (manage) - Block/unblock vulnerable applications organization-wide
- Security baseline assessment (manage) - Create and manage security baseline profiles
- Exposure management (manage) - Manage exposure insights, Secure Score recommendations, and initiatives
Common use cases
- Vulnerability management team leads
- Security posture improvement program owners
- IT security teams coordinating remediation
- Risk management teams prioritizing vulnerabilities
- Secure Score optimization initiatives
Best practices
- Coordinate with IT operations for patching schedules
- Use exception handling sparingly with documented business justification
- Monitor application blocking impact before deployment
- Review security baselines regularly
- Track Secure Score trends over time
Security considerations
- Can create exceptions that bypass security recommendations
- Can block applications organization-wide affecting productivity
- Exception handling creates risk acceptance records for audit
- Should coordinate with change management processes