September 22, 2022

Microsoft Defender ATP Now Can Secure Network Devices

Microsoft Defender Advanced Threat Protection (ATP) can now assess the state of the collective security configuration of devices on a corporate network using a new feature called Microsoft Secure Score for Devices.

Microsoft Secure Score for Devices dynamically assesses the security status of corporate networks, identifying unprotected systems and providing recommended actions to strengthen the overall security of an organization’s endpoints.

“Your device score is visible in the Microsoft Defender Security Center Threat and Vulnerability Management Dashboard,” Microsoft Explain in a new supporting document.

“A higher Microsoft Device Security Score means your endpoints are more resilient to cyber security threat attacks. “

Using the Microsoft Secure Score for Devices card on the Threat & Vulnerability Management dashboard, users have access to data aggregated by:

• Comparison of collected configurations to collected benchmarks to discover poorly configured assets
• Mapping of configurations to vulnerabilities that can be patched or partially patched (risk reduction)
• Collect and maintain best practice configuration references (suppliers, security flows, internal research teams)
• Collect and monitor security control configuration state changes of all assets

Recommendations for strengthening endpoint security

Currently, Microsoft Secure Score for Devices supports configurations set through Group Policy. As Microsoft explains, configurations made using Intune can be detected as misconfigured.

The new feature checks the security configuration status of corporate network devices across the categories of application, operating system, network, accounts, and security controls.

To improve the overall network security of their endpoints, users should resolve issues added to the list of security recommendations.

In doing so, Microsoft Secure Score for Devices also improves, making it even easier to secure an organization’s entire network against vulnerabilities and cybersecurity threats.

Example of safety recommendations
Example of safety recommendations (Microsoft)

A detailed description of how to troubleshoot issues detected by Microsoft Secure Score for Devices while evaluating their network devices is available. here.

Security updates needed to increase the accuracy of the assessment

By going through the items listed on the Safety recommendations page and tackling one item at a time, the Microsoft Secure score for devices will also increase.

Customers are encouraged by Microsoft to download the following mandatory security updates through the Microsoft Update Catalog and deploy them on their networks to increase the detection rates of vulnerability assessments:

The Windows 10 Tamper Protection feature was also added to Microsoft Defender ATP Threat & Vulnerability Management in February to provide additional insight into exposed machines in an organization.

Microsoft announced the addition of tamper protection to Microsoft Defender ATP for business customers in March 2019.

Microsoft announced last month that its enterprise endpoint security platform now has a new UEFI scanner capable of detecting and protecting customers from Unified Extensible Firmware Interface (UEFI) malware known to abuse the flaws. security affecting firmware and drivers.

Microsoft Defender ATP has also spread to non-Windows platforms and is generally available for enterprise customers with Linux devices and in public preview for those using Android devices.

Source link