Microsoft Defender ATP now helps secure network devices

Microsoft Defender Advanced Threat Protection (ATP) can now assess the collective security configuration state of devices on an enterprise network with the help of a new feature dubbed Microsoft Secure Score for Devices.

Microsoft Secure Score for Devices assesses the security state of enterprise networks dynamically, identifying unprotected systems and providing recommended actions to boost the overall security of an organization’s endpoints.

“Your score for devices is visible in the Threat & Vulnerability Management dashboard of the Microsoft Defender Security Center,” Microsoft explains in a new support document.

“A higher Microsoft Secure Score for Devices means your endpoints are more resilient from cybersecurity threat attacks.”

Through the Microsoft Secure Score for Devices card on the Threat & Vulnerability Management dashboard, users have access to data aggregated by:

• Comparing collected configurations to the collected benchmarks to discover misconfigured assets
• Mapping configurations to vulnerabilities that can be remediated or partially remediated (risk reduction)
• Collecting and maintaining best-practice configuration benchmarks (vendors, security feeds, internal research teams)
• Collecting and monitoring changes of security control configuration state from all assets

Recommendations to boost endpoints’ security

At the moment, Microsoft Secure Score for Devices supports configurations set via Group Policy. As Microsoft explains, configurations set using Intune could be detected as misconfigured.

The new feature checks the security configuration state of enterprise network devices across the application, operating system, network, accounts, and security controls categories.

To improve their endpoints’ overall network security, users have to remediate the issues added to the security recommendations list.

While doing that, Microsoft Secure Score for Devices also improves, making it even easier to secure an org’s entire network against vulnerabilities and cybersecurity threats.

Example security recommendations
Example security recommendations (Microsoft)

A detailed description of the procedure that needs to be followed to address the issues found by Microsoft Secure Score for Devices while assessing their network devices is available here.

Security updates needed to increase assessment accuracy

While going through the items listed on the Security recommendations page and addressing one item at a time, the Microsoft Secure Score for Devices will also increase.

Customers are advised by Microsoft to download the following mandatory security updates via the Microsoft Update Catalog and deploy them on their networks to increase the vulnerability assessment detection rates:

The Windows 10 Tamper Protection feature was also added to Microsoft Defender ATP Threat & Vulnerability Management in February to provide additional information on exposed machines in an organization.

Microsoft announced the addition of tamper protection to Microsoft Defender ATP for enterprise customers in March 2019.

Microsoft announced last month that its enterprise endpoint security platform is now has a new UEFI scanner capable of detecting and protecting customers from Unified Extensible Firmware Interface (UEFI) malware known to abuse security flaws impacting firmware and drivers.

Microsoft Defender ATP has also expanded to non-Windows platforms and is generally available for enterprise customers with Linux devices and in public preview for those using Android devices.


Next Post

How NASA’s new rover will search for signs of ancient life on Mars | Science

Fri Jul 3 , 2020
By Kelso Harper, Joel GoldbergJul. 2, 2020 , 8:00 AM If NASA realizes its midsummer dream, a spacecraft will blast off from Cape Canaveral, Florida, sometime between 30 July and 15 August, destined to ignite the next generation of Mars exploration. The mission aims to deliver the space agency’s latest rover, […]