Security Dashboard

Connect to Microsoft Defender and manage your vulnerabilities with Pckgr

1. Introduction

Microsoft Defender for Endpoint is excellent at seeing vulnerabilities, but it doesn’t fix them. Before now, IT teams needed to:

Read Defender alerts
Manually look up installers
Package apps
Deploy via Intune
Wait for another Defender scan

The Pckgr Security Dashboard streamlines this process by:

Pulling vulnerability data directly from Defender
Visualizing which apps need patching
Mapping detected apps to Pckgr packages
Recommending the correct update version
Allowing one‑click Update‑Only patch deployments to Intune
Tracking remediation after Defender’s next scan

This gives you a complete loop:

Detect → Decide → Patch → Validate, all in one place.

This feature is a new addition to Pckgr's services and our team plan to continuously develop its functionality to suit our user's needs. Please feel free to offer feedback to our team at any time, at [email protected].

2. Security Dashboard Overview

The Security Dashboard loads and displays three main sections:

2.1 Security Overview

A high‑level summary generated from Microsoft Defender for Endpoint (MDE), showing:

Total applications requiring updates
Weekly increase/decrease trends in vulnerabilities
Exposure indicators (e.g., “down 21 applications since last week”)
Snapshot‑based comparisons for quick health assessment

This gives you immediate visibility into application‑level risk in your fleet.

2.2 Application List

A table of all applications Defender has detected with vulnerabilities. For each app you’ll see:

App name
Defender‑recommended version
Number of exposed devices
pckgr linking/patching status
Available actions (Link, Patch, View Details)

2.3 Top Software Vulnerabilities

A curated list of the highest‑risk vulnerabilities in your environment. This may include apps that Pckgr has not previously deployed, and can be linked or patched using suggested Pckgr applications or custom packages.

3. Quick Start Checklist

A lightweight, at‑a‑glance checklist to get up and running quickly.

1. Connect Defender

Select your Company
Click Connect to Defender
Approve the read‑only MDE app registration

2. Sync Vulnerability Data

Click Start Sync
Wait for the initial data import
Confirm apps populate in the table

3. Review Vulnerable Applications

Check the “Apps Requiring Patching” count
Open any app with vulnerabilities
Review Defender’s recommended version

4. Link Applications

Click Link Application to match Defender → Pckgr
Upload custom packages if needed
Ensure status changes to “Application Connected”

5. Deploy Patch

6. Verify Fix

Wait for Defender’s next scan
Confirm the vulnerability disappears from the list
Check updated metrics in Security Overview

4. Detailed Feature Guide

Below is a more in‑depth explanation of each part of the dashboard.

4.1 Connecting pckgr to Defender

When you click Connect to Defender, you will need to sign in with Global Admin and accept the permissions required to register Pckgr Security App as an Enterprise application.

Pckgr requests read‑only access only to MDE. This:

Does not modify your Defender security settings
Does not deploy configurations
Only imports vulnerability recommendations and exposure data

This ensures Pckgr can safely ingest the required information without introducing risk.

4.2 Syncing Data

Initial Sync

After connection, you’ll see a Start Sync button.

Clicking it loads:

Defender recommendations
Vulnerability metadata
A snapshot of your environment
Version upgrade recommendations

Ongoing Sync

The dashboard automatically synchronizes every 8 hours
A manual sync button is in development

4.3 Understanding the Security Overview

The overview acts as your executive summary:

Green means your exposure has improved
Red means things have worsened or increased
Trends use your last snapshot for comparison
Helps you decide whether to act now or later

This gives you an immediate sense of security posture.

4.4 Application List

Each line in the list represents a vulnerable app identified by Defender.

You’ll see:

Field

Description

App Name

The software detected by Defender

Recommended Version

The version Defender wants deployed

Exposed Devices

How many devices are affected

Status

e.g., “No Patch Deployed”, “Update Deployed”, “Application Connected”

Actions

Options to Link, Patch, or View Details

4.5 Application Details

Selecting an app opens a more detailed view:

Defender’s vulnerability details
Recommended version
Exposure scoring
List of devices affected
pckgr patching options
Link or custom package options

This is where you decide how to remediate the vulnerability.

4.6 Linking Applications

If you already deploy apps with Pckgr:

You can link Defender‑detected apps to existing Pckgr packages
This improves metadata alignment
And ensures accurate reporting

If the app is not in Pckgr:

Upload a custom package
Link it
Deploy via Pckgr → Intune

4.7 Deploying Update‑Only Patches

Update‑Only patching:

Avoids reinstalling the entire app
Updates only the version detected
Reduces disruption and deployment size
Pushes through Intune like any other Pckgr deployment

Workflow:

Click Patch
Confirm
Deployment occurs from your Application Library
Assign device/s

4.8 Verification

Once the patch is deployed:

Defender rescans on its normal cycle
The vulnerability disappears from the dashboard
Exposure scores improve
Status changes accordingly

You may optionally:

Check the app version directly on a device
View deployment logs
Assess fleet‑wide consistency

5. Advanced Concepts

5.1 Mixed Installation Formats (MSI / EXE / MSIX)

Example:

One device has MSI 7‑Zip
The rest of the fleet uses EXE 7‑Zip
Defender recommends patching only the MSI instance

In these scenarios, your ideal long‑term remediation is:

Standardize to the most common installer format in your fleet, rather than patching an outlier.

Future logic will highlight this automatically, you can read more about standardising your tenant with Pckgr here.

6. Troubleshooting

App list is empty

Ensure your connection to Intune was successful
- ensure you sign into the tenant during connection with an admin account
- ensure you accept the permissions
- check your Enterprise App list in Intune for Pckgr Security Application

Numbers don’t look right

Defender uses its own scan schedule
Pckgr uses snapshots
They align automatically over time

“Update Deployed” never becomes “Application Connected”

Status logic is still undergoing refinement

7. Feedback and Development

The Security Dashboard is a newly released feature and is actively evolving, and your real‑world use helps guide what we improve next. We’re continuing to refine workflows and expand functionality so it grows in the direction users need most.

Your suggestions, big or small, help shape its development. If you’d like to share feedback, please contact:

[email protected]

PreviousPckgr Policy Manager NextCompany Portal

Last updated 3 days ago

hashtag1. Introduction

hashtag2. Security Dashboard Overview

hashtag2.1 Security Overview

hashtag2.2 Application List

hashtag2.3 Top Software Vulnerabilities

hashtag3. Quick Start Checklist

hashtag1. Connect Defender

hashtag2. Sync Vulnerability Data

hashtag3. Review Vulnerable Applications

hashtag4. Link Applications

hashtag5. Deploy Patch

hashtag6. Verify Fix

hashtag4. Detailed Feature Guide

hashtag4.1 Connecting pckgr to Defender

hashtag4.2 Syncing Data

hashtagInitial Sync

hashtagOngoing Sync

hashtag4.3 Understanding the Security Overview

hashtag4.4 Application List

hashtag4.5 Application Details

hashtag4.6 Linking Applications

hashtag4.7 Deploying Update‑Only Patches

hashtag4.8 Verification

hashtag5. Advanced Concepts

hashtag5.1 Mixed Installation Formats (MSI / EXE / MSIX)

hashtag6. Troubleshooting

hashtagApp list is empty

hashtagNumbers don’t look right

hashtag“Update Deployed” never becomes “Application Connected”

hashtag7. Feedback and Development