The improved Microsoft 365 Defender portal is now available. This new experience brings Defender for Endpoint, Defender for Office 365, Microsoft 365 Defender, and more into the Microsoft 365 Defender portal. Learn what’s new.
To make Microsoft Secure Score a better representative of your security posture, we have made some changes. To learn about planned changes, see What’s coming in Microsoft Secure Score?
Added improvement action related to Microsoft Teams
- Restrict dial-in users from bypassing a meeting lobby
- Limit external participants from having control in a Teams meeting
- Restrict anonymous users from starting Teams meetings
- Require lobbies to be set up for Teams meetings
- Configure which users are allowed to be present in Teams meetings
Added improvement action related to Microsoft Defender for Endpoint
- Fix Microsoft Defender for Endpoint sensor data collection for macOS
- Fix Microsoft Defender for Endpoint impaired communications for macOS
- Set minimum password length to 15 or more characters in macOS
- Set ‘Enforce password history’ to ’24 or more password(s)’ in macOS
- Set ‘Maximum password age’ to ’90 or fewer days, but not 0′ in macOS
- Set account lockout threshold to 5 or lower in macOS
- Turn on Firewall on macOS
- Enable Gatekeeper
- Enable System Integrity Protection (SIP)
- Enable FileVault Disk Encryption
- Set screen to lock when screensaver starts in macOS
- Ensure screensaver is set to start in 20 minutes or less in macOS
- Secure Home Folders
- Turn on Microsoft Defender Antivirus real-time protection for macOS
- Turn on Microsoft Defender Antivirus PUA protection in block mode for macOS
- Enable Microsoft Defender Antivirus cloud-delivered protection for macOS
- Update Microsoft Defender Antivirus definitions for macOS
- Fix Microsoft Defender for Endpoint sensor data collection for Linux
- Fix Microsoft Defender for Endpoint impaired communications for Linux
- Unrestricted Access Accounts
- Turn on Microsoft Defender Antivirus real-time protection for Linux
- Turn on Microsoft Defender Antivirus PUA protection in block mode for Linux
- Enable Microsoft Defender Antivirus cloud-delivered protection for Linux
- Update Microsoft Defender Antivirus definitions for Linux
Removed improvement action related to Microsoft Cloud App Security
- Use Cloud App Security to detect anomalous behavior.
Compatibility with Graph API
Microsoft Secure Score recommendations delivered via Graph API will look and be weighted the same as the recommendations you currently see in the Microsoft 365 Defender portal.
Added our first security recommendation for Microsoft Teams
Microsoft Teams customers will see “Restrict anonymous users from joining meetings” as a new improvement action in Secure Score.
Added six accounts-related improvement actions for Microsoft Defender for Endpoint:
- Set ‘Minimum password length’ to ’14 or more characters’
- Set ‘Enforce password history’ to ’24 or more password(s)’
- Set ‘Maximum password age’ to ’60 or fewer days, but not 0′
- Set ‘Minimum password age’ to ‘1 or more day(s)’
- Disable the built-in Administrator account
- Disable the built-in Guest account
Removed the ability to create ServiceNow tickets through Secure Score
The ability to create ServiceNow tickets through Secure Score by going to Share > ServiceNow is no longer available. Thank you for your feedback and continued support while we determine next steps.
Added three services-related improvement actions for Microsoft Defender for Endpoint:
- Fix unquoted service path for Windows services
- Change service executable path to a common protected location
- Change service account to avoid cached password in windows registry
Removed improvement action related to Microsoft Defender for Endpoint
- Set Microsoft Defender SmartScreen Windows Store app web content checking to warn
Updated improvement action for Azure Active Directory
- Enable policy to block legacy authentication
Incompatibility with Identity Secure Score
In the recent release of Microsoft Secure Score, an improved scoring model has been released. These changes allow for a more flexible and accurate view of your security posture. However, these updates have made Microsoft Secure Score temporarily incompatible with Identity Secure Score.
In time, Identity Secure Score will adopt the new scoring model. Until then, customers will see differences in the scores reported by Microsoft Secure Score and the Identity Secure Score. We apologize for any inconvenience this causes, and are working to ensure these experiences are more compatible in the future.
Updated improvement actions
- Added Azure Active Directory improvement actions
- Added Microsoft Defender for Identity improvement actions
- Support for Microsoft Defender for Endpoint Threat & Vulnerability Management security recommendations
- All released security recommendations supplied by TVM are now available
Updated interface and functionality
- All new metrics and trends views for CISO and lead level discussions
- New ways to track and benchmark your score
- Better tracking and understanding for score regressions
- Filter, tag, search, and group your improvement actions
- Manage towards your future goals using score projections and planned actions
- And more!
We want to hear from you
If you have any issues, let us know by posting in the Security, Privacy & Compliance community. We’re monitoring the community and will provide help.