What's new in Microsoft Secure Score

Note

Want to experience Microsoft 365 Defender? Learn more about how you can evaluate and pilot Microsoft 365 Defender.

To make Microsoft Secure Score a better representative of your security posture, we continue to add new features and improvement actions.

The more improvement actions you take, the higher your Secure Score will be. For more information, see Microsoft Secure Score.

Microsoft Secure Score can be found at https://security.microsoft.com/securescore in the Microsoft 365 Defender portal.

June 2022

  • New Microsoft Defender for Endpoint and Microsoft Defender Vulnerability Management recommendations are now available as Secure Score improvement actions:

    • Disallow offline access to shares
    • Remove share write permission set to Everyone
    • Remove shares from the root folder
    • Set folder access-based enumeration for shares
    • Update Microsoft Defender for Endpoint core components
  • A new Microsoft Defender for Identity recommendation is available as a Secure Score improvement action:

    • Resolve unsecure domain configurations
  • A new app governance recommendation is now available as a Secure Score improvement action:

    • Regulate apps with consent from priority accounts
  • New Salesforce and ServiceNow recommendations are now available as Secure Score improvement actions for Microsoft Defender for Cloud Apps customers. For more information, see SaaS Security Posture Management overview.

Note

Salesforce and ServiceNow controls are now available in public preview.

April 2022

  • Turn on user authentication for remote connections

December 2021

  • Turn on Safe Attachments in block mode
  • Prevent sharing Exchange Online calendar details with external users
  • Turn on Safe Documents for Office clients
  • Turn on the common attachments filter setting for anti-malware policies
  • Ensure that there are no sender domains allowed for anti-spam policies
  • Create Safe Links policies for email messages
  • Create zero-hour auto purge policies for malware
  • Turn on Microsoft Defender for Office 365 in SharePoint, OneDrive, and Microsoft Teams
  • Create zero-hour auto purge policies for phishing messages
  • Create zero-hour auto purge policies for spam messages
  • Block abuse of exploited vulnerable signed drivers
  • Turn on scanning of removable drives during a full scan

We want to hear from you

If you have any issues, let us know by posting in the Security, Privacy & Compliance community. We're monitoring the community and will provide help.