Microsoft Secure Score is adding recommendations for Microsoft Defender for Endpoint

Microsoft is adding seven recommendations for Microsoft Defender for Endpoint (previously Microsoft Defender ATP).

When this will happen

Microsoft will begin rolling this out in early December; the rollout will be complete the end of December.

How this affects your organization

Microsoft Defender for Endpoint is an enterprise endpoint security platform designed to help enterprise networks prevent, detect, investigate, and respond to advanced threats.

Improvement Actions:

1. Disable the built-in Administrator account
2. Disable the built-in Guest account
3. Enable EDR in block mode
4. Set ‘Minimum password length’ to ’14 or more characters’
5. Set ‘Enforce password history’ to ’24 or more password(s)’
6. Set ‘Maximum password age’ to ’60 or fewer days, but not 0′
7. Set ‘Minimum password age’ to ‘1 or more day(s)’

What you need to do to prepare

Microsoft Secure Score is a measurement of an organization’s security posture. Access Microsoft Secure Score at https://security.microsoft.com/securescore.

Microsoft Defender for Endpoint is one of the products that has improvement actions in Secure Score. We will continue to add suggested security actions on an ongoing basis.

Learn more

• Introduction to Microsoft Secure Score
• What’s new with Microsoft Secure Score