设备的 Microsoft 安全功能分数Microsoft Secure Score for Devices

适用于:Applies to:

想要体验适用于终结点的 Defender?Want to experience Defender for Endpoint? 注册免费试用版。Sign up for a free trial.

备注

配置分数现在是威胁和漏洞管理的一部分,作为 Microsoft 设备安全分数。Configuration score is now part of threat and vulnerability management as Microsoft Secure Score for Devices.

你的设备分数显示在 Microsoft Defender安全中心的威胁和漏洞管理仪表板中。Your score for devices is visible in the threat and vulnerability management dashboard of the Microsoft Defender Security Center. 设备的 Microsoft 安全分数越高,你的终结点就更能够抵御网络安全威胁攻击。A higher Microsoft Secure Score for Devices means your endpoints are more resilient from cybersecurity threat attacks. 它反映你的设备跨以下类别的安全配置状态:It reflects the collective security configuration state of your devices across the following categories:

  • 应用程序Application
  • 操作系统Operating system
  • 网络Network
  • 帐户Accounts
  • 安全控件Security controls

选择类别以转到" 安全建议"页 并查看相关建议。Select a category to go to the Security recommendations page and view the relevant recommendations.

打开 Microsoft 安全分数连接器Turn on the Microsoft Secure Score connector

转发 Microsoft Defender for Endpoint 信号,使 Microsoft 安全分数能够查看设备安全状态。Forward Microsoft Defender for Endpoint signals, giving Microsoft Secure Score visibility into the device security posture. 转发数据的存储和处理位置与 Microsoft 安全分数数据位于同一位置。Forwarded data is stored and processed in the same location as your Microsoft Secure Score data.

更改可能需要几个小时才能反映在仪表板中。Changes might take up to a few hours to reflect in the dashboard.

  1. 在导航窗格中,转到"设置 > ""高级功能"In the navigation pane, go to Settings > Advanced features

  2. 向下滚动到 Microsoft 安全分数,将设置切换为 "打开"。Scroll down to Microsoft Secure Score and toggle the setting to On.

  3. 选择 保存首选项Select Save preferences.

运作方式How it works

备注

Microsoft 设备安全分数当前支持通过组策略设置的配置。Microsoft Secure Score for Devices currently supports configurations set via Group Policy. 由于当前部分 Intune 支持,可能通过 Intune 设置的配置可能会显示为错误配置。Due to the current partial Intune support, configurations which might have been set through Intune might show up as misconfigured. 如果组织使用 Intune 进行安全配置管理,请与 IT 管理员联系以验证实际配置状态。Contact your IT Administrator to verify the actual configuration status in case your organization is using Intune for secure configuration management.

Microsoft 设备安全分数卡中的数据是不断发现漏洞的过程的产品。The data in the Microsoft Secure Score for Devices card is the product of meticulous and ongoing vulnerability discovery process. 它将与配置发现评估聚合,持续:It is aggregated with configuration discovery assessments that continuously:

  • 将收集的配置与收集的基准进行比较以发现配置不当的资产Compare collected configurations to the collected benchmarks to discover misconfigured assets
  • 将配置映射到可修正或部分修复的漏洞 (风险) Map configurations to vulnerabilities that can be remediated or partially remediated (risk reduction)
  • 收集和维护最佳做法配置基准 (供应商、安全源、内部研究团队) Collect and maintain best practice configuration benchmarks (vendors, security feeds, internal research teams)
  • 收集并监视来自所有资产的安全控制配置状态更改Collect and monitor changes of security control configuration state from all assets

改进安全配置Improve your security configuration

通过修正安全建议列表中的问题来改进安全配置。Improve your security configuration by remediating issues from the security recommendations list. 当你这样做时,你的 Microsoft 设备安全分数会提高,并且你的组织可以更加抵御网络安全威胁和漏洞。As you do so, your Microsoft Secure Score for Devices improves and your organization becomes more resilient against cybersecurity threats and vulnerabilities.

  1. 从威胁和漏洞管理仪表板中的"Microsoft 设备安全分数"卡中,选择其中一个类别。From the Microsoft Secure Score for Devices card in the threat and vulnerability management dashboard, select the one of the categories. 您将查看与类别相关的建议列表。You'll view the list of recommendations related to that category. 它将你访问" 安全建议" 页。It will take you to the Security recommendations page. 如果要查看所有安全建议,在进入"安全建议"页面后,清除搜索字段。If you want to see all security recommendations, once you get to the Security recommendations page, clear the search field.

  2. 在列表中选择一个项。Select an item on the list. 该飞出面板将打开,并包含与建议相关的详细信息。The flyout panel will open with details related to the recommendation. 选择 修正选项Select Remediation options.

    安全控制相关的安全建议

  3. 阅读说明,了解问题的上下文以及下一步要执行哪些操作。Read the description to understand the context of the issue and what to do next. 选择截止日期、添加备注,然后选择"将所有修正 活动 数据导出到 CSV",以便你可以将其附加到电子邮件进行跟踪。Select a due date, add notes, and select Export all remediation activity data to CSV so you can attach it to an email for follow-up.

  4. 提交请求Submit request. 你将看到一条确认消息,表明已创建修正任务。You'll see a confirmation message that the remediation task has been created. 修正任务创建确认Remediation task creation confirmation

  5. 保存 CSV 文件。Save your CSV file. 保存 csv 文件Save csv file

  6. 向 IT 管理员发送后续电子邮件,并允许分配修正时间在系统中传播。Send a follow-up email to your IT Administrator and allow the time that you've allotted for the remediation to propagate in the system.

  7. 再次查看 仪表板上的 Microsoft 设备 安全分数卡。Review the Microsoft Secure Score for Devices card again on the dashboard. 安全控制建议的数量将减少。The number of security controls recommendations will decrease. 选择"安全控件"返回到"安全建议"页时,已解决的项目不会再列出。When you select Security controls to go back to the Security recommendations page, the item that you've addressed won't be listed there anymore. 你的 Microsoft 设备安全分数应增加。Your Microsoft Secure Score for Devices should increase.

重要

若要提高漏洞评估检测速率,请下载以下必需的安全更新,然后将它们部署到网络中:To boost your vulnerability assessment detection rates, download the following mandatory security updates and deploy them in your network:

若要下载安全更新,请执行以下措施:To download the security updates:

  1. 转到 Microsoft 更新目录Go to Microsoft Update Catalog.
  2. 需要下载的安全更新 KB 编号的键,然后单击"搜索 "。Key-in the security update KB number that you need to download, then click Search.