What's new in Microsoft Secure Score
Want to experience Microsoft 365 Defender? Learn more about how you can evaluate and pilot Microsoft 365 Defender.
To make Microsoft Secure Score a better representative of your security posture, we continue to add new features and improvement actions.
The more improvement actions you take, the higher your Secure Score will be. For more information, see Microsoft Secure Score.
New Microsoft Defender for Endpoint and Microsoft Defender Vulnerability Management recommendations are now available as Secure Score improvement actions:
- Disallow offline access to shares
- Remove share write permission set to Everyone
- Remove shares from the root folder
- Set folder access-based enumeration for shares
- Update Microsoft Defender for Endpoint core components
A new Microsoft Defender for Identity recommendation is available as a Secure Score improvement action:
- Resolve unsecure domain configurations
A new app governance recommendation is now available as a Secure Score improvement action:
- Regulate apps with consent from priority accounts
New Salesforce and ServiceNow recommendations are now available as Secure Score improvement actions for Microsoft Defender for Cloud Apps customers. For more information, see SaaS Security Posture Management overview.
Salesforce and ServiceNow controls are now available in public preview.
- Turn on user authentication for remote connections
- Turn on Safe Attachments in block mode
- Prevent sharing Exchange Online calendar details with external users
- Turn on Safe Documents for Office clients
- Turn on the common attachments filter setting for anti-malware policies
- Ensure that there are no sender domains allowed for anti-spam policies
- Create Safe Links policies for email messages
- Create zero-hour auto purge policies for malware
- Turn on Microsoft Defender for Office 365 in SharePoint, OneDrive, and Microsoft Teams
- Create zero-hour auto purge policies for phishing messages
- Create zero-hour auto purge policies for spam messages
- Block abuse of exploited vulnerable signed drivers
- Turn on scanning of removable drives during a full scan
We want to hear from you
If you have any issues, let us know by posting in the Security, Privacy & Compliance community. We're monitoring the community and will provide help.
Submit and view feedback for