Microsoft Defender for IoT VR Configuration form
Use the Microsoft Defender for IoT VR Configuration form to configure the Vulnerability Response for Microsoft Defender for IoT (On-premises Management Console) application.
| Field | Description |
|---|---|
| Name | The name of the configuration. |
| Integration instance | The instance for the configuration. The available default integration instance is the Microsoft Defender for IoT Vulnerability Response instance. |
| Endpoint URL | The URL of the Microsoft Defender for IoT Management Console. For example: https://10.10.0.222/external/v3/integration/devicecves |
| MID server | The MID Server used for the integration. |
| API key | The token needed to access the Central Manager APIs. For information about creating an API key in the Microsoft Defender for IoT management console, see https://docs.microsoft.com/en-us/azure/defender-for-iot/organizations/references-work-with-defender-for-iot-apis. |
| Page size | The number of devices per page in the Microsoft API
response. The default page size is 50. |
| CVSS V2 Score | The vulnerabilities with the score greater than or equal to the configured CVSS V2 score is considered for the import of CVEs and creation of Vulnerable Item (VIT) records. The default value is set to 0. |
| Auto-close Resolved VIs | If the VIT record is set to resolved, it can be closed automatically if the CVE no longer appears in the API response from Microsoft Defender for IoT for that OT device. |
| Wait days to reopen a Resolved VI | When a VIT is resolved, it can take a while for Microsoft Defender for IoT to confirm if the vulnerability is resolved based on the OT device's communication in the network. Define the number of days to wait before reopening the resolved VIT when the NIDS cannot confirm it as Closed. |