#Check Vulnerabilities of a Tenant

Azure security management includes Vulnerability Detection to help identify software risks across the environment. It lets you review detected vulnerabilities, quickly assess severity at a glance, and take action with guided remediation to strengthen the security posture.

Vulnerability Detection retrieves vulnerability data from the National Vulnerability Database (NVD) covering the past five years. When you use this feature for the first time, the initial data load may take some time.

To access the Vulnerability detection page for a tenant, click Vulnerability detection in the left navigation. Detected vulnerabilities are listed in a table with key details such as the vulnerability ID, description, affected entity and version, impacted resource count, CVSS score, and first detected time. The CVSS score indicates the severity of a security vulnerability using a standardized score. A higher score represents a higher severity level and greater potential risk.

Click the vulnerability ID link to view the details. There are several tabs for vulnerability:

• Basics – This tab displays general information of the vulnerability, such as its affected system version, status, CVSS score, and detection information.

• Affected resources – This tab lists all resources affected by the selected vulnerability.

• Remediation – The Remediation section provides AI‑generated recommendations to help resolve the detected issue. Click Generate in the upper-right corner to create remediation guidance. Once generated, the remediation content is saved and remains available until the user clicks Regenerate.

• Audit logs – This tab displays all action records performed to the current vulnerability.

The Actions menu in the upper-right corner allows you to manage the vulnerability status directly from the details page: These actions are also available by selecting the vulnerabilities in the vulnerability list and clicking the Actions button.

• Mark as fixed – Mark the vulnerability as resolved after remediation has been completed.

• Dismiss – Dismiss the vulnerability when it is considered acceptable or not applicable.

• Resume – Resume the previously dismissed vulnerability so that it is tracked and monitored again.