Microsoft to Phase Out BYOL Feature in Defender for Cloud: What You Need to Know

In a big move towards enhancing cloud security, Microsoft has announced the deprecation of the Bring Your Own License (BYOL) feature in Microsoft Defender for Cloud. This will be a phased process, with full deprecation expected by May 1, 2025. The change is targeted to enhance the platform's capability in vulnerability management and deliver more streamlined, centralized management of security exposure.
Phase-Out Timeline for BYOL
New machines and subscriptions will not onboard to the BYOL feature starting 3rd February 2025. This means that no more new virtual machines will be made available to use BYOL, and any machine included in February to May, will have no agents that deploy to the machine. At May 1st 2025, the full deprecation of the feature is going to take effect meaning the end of using BYOL in Microsoft Defender for Cloud.
Why Was There A Change?
Microsoft is deprecating the BYOL feature as part of its strategy to improve enterprise exposure management and streamline vulnerability assessments. It is replacing third-party vulnerability management tools under BYOL with data connectors for Microsoft Security Exposure Management. This change should better integrate, support multiple clouds, and be more flexible in vulnerability scanning across cloud and on-premises environments.
New Features with Security Exposure Management
The new Microsoft Security Exposure Management has the following improvements:
Multicloud support: Unlike the BYOL, which only supported Azure, the new solution will cater to multi-cloud environments; hence, there will be a better scope for hybrid infrastructures.
Vendor support is expanded to include other vulnerability vendors such as Tenable apart from Rapid7 and Qualys
Vulnerability results of multiple providers will be shown together in a device. It will no longer only show one result.
Action Needed for Organizations That Use BYOL
Microsoft strongly advises existing users of the BYOL feature to transition to the new Microsoft Security Exposure Management connectors for Qualys and Rapid7 before May 2025, when BYOL will be fully deprecated. This transition will help ensure that organizations can continue managing vulnerabilities without interruption.