Skip to main content

No vulnerability data received (Azure Server)

S
Written by Shannon DeLange
Updated today

Administrators may notice they have servers coming from Microsoft Azure showing No Vulnerability data received in Vanta:

Troubleshooting

  • Please ensure you have the product feature enabled by going to this page and confirming it is toggled ON (purple):

  • Please ensure that inside Azure --> Microsoft Defender for Cloud --> Environment settings --> [Select the subscription the server is on] and confirm that you have the server plan enabled:

Either Plan 1 or Plan 2 works. Ensure the monitoring coverage is set to Full.​

  • If monitoring coverage is not set to full, please click into the settings:

  • And confirm that Vulnerability assessment for machines is turned on. You can also use the agentless scanning for machines:

  • If you have a plan enabled with the correct settings please also confirm a scan has been completed on the server. You can find this by going to Microsoft Defender for Cloud --> Recommendations then searching for "Machines should have vulnerability findings resolved":

You should see the server name listed under the "Affected Resource" column. If there's no entry for "Machines should have vulnerability findings resolved" for that server, first make sure the server is powered on (its status shouldn’t be "stopped").

If the server is on but that recommendation still isn’t showing, it’s expected that Vanta will display "No Vulnerability Data Received" for the server. That’s because Vanta pulls vulnerability data from that specific recommendation. To fix this, you’ll need to run a Defender scan on the server.

What if I Recently Enabled a Server Scanning Plan?


If you recently enabled the Server scanning plan you will need wait for the scheduled scan to run. If an initial scan is ran and no vulnerabilities are found the server status in vanta will change to "No Actionable Vulnerabilities found":



If a scan is ran and vulnerabilities are found they will be listed in the "Machines should have vulnerability findings resolved" recommendation:


And these vulnerabilities will also appear in Vanta. If they do not appear in Vanta please send us a screenshot of the "Machines should have vulnerability findings resolved" recommendation with the server name in view and the findings tab in View. (See screenshot above for an example)