2 min

Microsoft has added network scanning to Defender for Endpoint. The software allows companies to check whether unmanaged devices are connected to the network. Administrators are then advised of potential security risks associated with these devices.

With the new feature, Microsoft wants to capitalise on the trend that many employees now use their own devices at work. The company says that such BYO devices are 71 percent more likely to be infected with a virus. This is because companies have less control over such devices, which gives potential hackers a way to penetrate a company network unseen.

Defender for Endpoint is an enterprise security solution and is separate from the Defender software that is installed on all Windows computers. The software was previously called Microsoft Advanced Threat Protection.

Scan for unmanaged devices

To prevent the use of personal devices in corporate networks from becoming too big a problem, Microsoft has added a function to Defender for Endpoint to scan the network for unmanaged devices. The scan takes a few minutes and can handle machines running Windows as well as those running Linux, macOS, iOS and Android. Network devices such as routers, firewalls and WLAN controllers can also be scanned.

Workflow for securing devices

Based on the scan, the security professional is presented with workflows to secure the devices. These consist of information about possible available updates or known security problems with the device. Endpoints that are found can also be supplied with their own instance of Defender for Endpoint for more comprehensive protection.


The new scanning feature is available immediately if the administrator has signed up to receive previews. The steps to do so are described on Microsoft’s website. The company asks users to leave their feedback in the Microsoft 365 security centre. It is not known when the feature will be permanently added to Defender for Endpoint.

Tip: Microsoft makes Defender for Endpoints available on Arm