Microsoft Defender Advanced Threat Protection (ATP) can now assess the collective security configuration state of devices on an enterprise network with the help of a new feature dubbed Microsoft Secure Score for Devices.
Microsoft Secure Score for Devices assesses the security state of enterprise networks dynamically, identifying unprotected systems and providing recommended actions to boost the overall security of an organization’s endpoints.
“Your score for devices is visible in the Threat & Vulnerability Management dashboard of the Microsoft Defender Security Center,” Microsoft explains in a new support document.
“A higher Microsoft Secure Score for Devices means your endpoints are more resilient from cybersecurity threat attacks.”
Through the Microsoft Secure Score for Devices card on the Threat & Vulnerability Management dashboard, users have access to data aggregated by:
Recommendations to boost endpoints’ security
At the moment, Microsoft Secure Score for Devices supports configurations set via Group Policy. As Microsoft explains, configurations set using Intune could be detected as misconfigured.
The new feature checks the security configuration state of enterprise network devices across the application, operating system, network, accounts, and security controls categories.
To improve their endpoints’ overall network security, users have to remediate the issues added to the security recommendations list.
While doing that, Microsoft Secure Score for Devices also improves, making it even easier to secure an org’s entire network against vulnerabilities and cybersecurity threats.
A detailed description of the procedure that needs to be followed to address the issues found by Microsoft Secure Score for Devices while assessing their network devices is available here.
Security updates needed to increase assessment accuracy
While going through the items listed on the Security recommendations page and addressing one item at a time, the Microsoft Secure Score for Devices will also increase.
Customers are advised by Microsoft to download the following mandatory security updates via the Microsoft Update Catalog and deploy them on their networks to increase the vulnerability assessment detection rates:
The Windows 10 Tamper Protection feature was also added to Microsoft Defender ATP Threat & Vulnerability Management in February to provide additional information on exposed machines in an organization.
Microsoft announced the addition of tamper protection to Microsoft Defender ATP for enterprise customers in March 2019.
Microsoft announced last month that its enterprise endpoint security platform is now has a new UEFI scanner capable of detecting and protecting customers from Unified Extensible Firmware Interface (UEFI) malware known to abuse security flaws impacting firmware and drivers.
Microsoft Defender ATP has also expanded to non-Windows platforms and is generally available for enterprise customers with Linux devices and in public preview for those using Android devices.