Microsoft Defender Advanced Threat Protection (ATP) can now assess the state of the collective security configuration of devices on a corporate network using a new feature called Microsoft Secure Score for Devices.
Microsoft Secure Score for Devices dynamically assesses the security status of corporate networks, identifying unprotected systems and providing recommended actions to strengthen the overall security of an organization’s endpoints.
“Your device score is visible in the Microsoft Defender Security Center Threat and Vulnerability Management dashboard,” Microsoft says in a new support document.
“A higher Microsoft Device Security Score means your endpoints are more resilient to cyber security threat attacks. “
Using the Microsoft Secure Score for Devices card on the Threat & Vulnerability Management dashboard, users have access to data aggregated by:
Recommendations for strengthening endpoint security
Currently, Microsoft Secure Score for Devices supports configurations set through Group Policy. As Microsoft explains, configurations made using Intune can be detected as misconfigured.
The new feature checks the security configuration status of corporate network devices across the categories of application, operating system, network, accounts, and security controls.
To improve the overall network security of their endpoints, users should resolve issues added to the list of security recommendations.
In doing so, Microsoft Secure Score for Devices also improves, making it even easier to secure an organization’s entire network against vulnerabilities and cybersecurity threats.
A detailed description of how to troubleshoot issues that Microsoft Secure Score for Devices detected while evaluating their network devices can be found here.
Security updates needed to increase the accuracy of the assessment
By going through the items listed on the Safety recommendations page and tackling one item at a time, the Microsoft Secure score for devices will also increase.
Customers are encouraged by Microsoft to download the following mandatory security updates through the Microsoft Update Catalog and deploy them to their networks to increase detection rates of vulnerability assessments:
The Windows 10 Tamper Protection feature was also added to Microsoft Defender ATP Threat & Vulnerability Management in February to provide additional insight into exposed machines in an organization.
Microsoft announced the addition of tamper protection to Microsoft Defender ATP for business customers in March 2019.
Microsoft announced last month that its enterprise endpoint security platform now has a new UEFI scanner capable of detecting and protecting customers from Unified Extensible Firmware Interface (UEFI) malware known to abuse the flaws. security affecting firmware and drivers.
Microsoft Defender ATP has also spread to non-Windows platforms and is generally available for enterprise customers with Linux devices and in public preview for those using Android devices.