Microsoft Defender ATP can calculate a security score for devices and network

Microsoft Defender Advanced Threat Protection (ATP) now has a new set of firmware-level tools that can calculate a security score for your devices and network. The score will tell admins the health of your device’s environment based on its configurations.

A high score implies the shared configuration is in excellent condition across operating systems, accounts, applications, network, and security controls.

Microsoft has called the configuration score the ‘Microsoft Secure Score for Devices’, which is easily accessible in the Threat and Vulnerability Management service dashboard section of the Microsoft Defender Security Centre.

Why the Microsoft Secure Score tool is important

The tool will be crucial for security operations centres scouting a network for risks that could be averted through the right configuration settings, for instance, highly privileged administrator rights deployed on accounts that do not require that level of freedom.

Microsoft stated that the data in the Microsoft Secure Score is the product of “meticulous and ongoing vulnerability discovery”, which encompasses, for instance, matching collected configurations with collected benchmarks, and choosing the best-practice benchmarks from security feeds, research teams, and vendors.

Defender Advanced Threat Protection users will get a recommendation list based on the scan findings. The list contains all kinds of recommendations that users can carry out themselves or request from the system administrator. The descriptions can also give examples of the probable threat.

Users can have the remediation checklist converted to CSV format and share it with the appropriate internal teams to make sure measures are taken at the right time.

Microsoft warning

Microsoft warns there is a high probability of false alarms because of only partial support for its Intune mobile device management platform. “Microsoft Secure Score for Devices currently supports configurations set via Group Policy,” it notes. It also means that external third-party security devices or protection measures might not be detected by the tool.