Microsoft has announced plans to deprecate the “Bring Your Own License” (BYOL) feature in Microsoft Defender for Cloud as part of a move towards a centralized vulnerability management experience.
This significant change aims to enhance enterprise exposure management and streamline vulnerability assessment solutions.
The deprecation of the BYOL feature will occur in two phases:
- February 3, 2025: New machines and subscriptions will no longer be able to onboard to the BYOL feature. Any virtual machines added between February and May will not have agents deployed.
- May 1, 2025: The feature will be fully deprecated and no longer available.
Transition to Microsoft Security Exposure Management
Microsoft is transitioning from BYOL to Microsoft Security Exposure Management data connectors, offering a more comprehensive and integrated solution. This new approach will provide:
- Multiple scanner options: Integration of various third-party vulnerability assessment solutions, offering greater flexibility and coverage.
- Unified visibility: A combined view of all vulnerability assessments across multi-cloud and on-premises environments, simplifying management and reporting.
- Seamless integration: Once configured, the data connector requires no additional agent installation beyond the one provided by the connector.
Leveraging 2024 MITRE ATT&CK Results for SME & MSP Cybersecurity Leaders – Attend Free Webinar
The transition to Security Exposure Management connectors will bring several improvements over the current BYOL feature:
- Multi-cloud support: While BYOL was limited to Azure, the new solution will cover multi-cloud and non-cloud environments.
- Expanded vendor support: In addition to Rapid7 and Qualys, the new system will also support Tenable, with plans for more vendors in the future.
- Aggregated results: Devices will show aggregated results from multiple providers, unlike the current system, where each device shows results from a single provider.
Organizations currently using BYOL solutions in Defender for Cloud are encouraged to begin configuring their Microsoft Security Exposure Management data connectors for Qualys and Rapid7 before the May 1, 202,5, deadline.
This strategic move by Microsoft aims to provide a more cohesive and comprehensive vulnerability assessment solution within its unified security operations platform.
By consolidating these capabilities, Microsoft seeks to deliver a more integrated and efficient experience for vulnerability and exposure management across cloud, hybrid, and on-premises environments.
Analyze cyber threats with ANYRUN's powerful sandbox. Black Friday Deals : Get up to 3 Free Licenses.