MC932478: Microsoft Secure Score: New Microsoft Defender for Identity recommendation

Announcement IDMC932478Published Date11-13-2024
ServiceMicrosoft365DefenderLast Updated11-13-2024
CategoryStay informedExpiration Date01-20-2025
Roadmap IDAction Required by Date
TagsAdmin impact, Feature update


Summary
                Microsoft Secure Score will add a new Defender for Identity recommendation, "Prevent Certificate Enrollment with arbitrary Application Policies (ESC15)", to improve security posture. Public Preview begins mid-November 2024, with General Availability starting late November 2024. No action is required for preparation.


More Information

We're updating Microsoft Secure Score improvement actions to ensure a more accurate representation of security posture.  A new Microsoft Defender for Identity posture recommendation will be added: "Prevent Certificate Enrollment with arbitrary Application Policies (ESC15)". 

Your score will be updated accordingly. 

When this will happen:

Public Preview: We will begin rolling out mid-November 2024 and expect to complete by mid-December 2024.

General Availability (Worldwide, GCC, GCC High, DoD): We will begin rolling out late November 2024 and expect to complete by mid-December 2024.

Please note that in order to provide the recommendation as quickly as possible, it will be introduced to your environment at the earliest opportunity rather than on the regular monthly schedule. 

How this will affect your organization:

We are adding a new Microsoft Defender for Identity posture recommendation that will be added as Microsoft Secure Score improvement actions: "Prevent Certificate Enrollment with arbitrary Application Policies (ESC15)". 

This new security posture report is related to Active Directory Certificate Services (AD CS) that analyze the configurations of different AD CS components and guide remediation, if necessary.

This update is available by default.

What you need to do to prepare:

There's no action needed to prepare for this change. Your score will be updated accordingly. Microsoft recommends reviewing the improvement actions listed in Microsoft Secure Score. We will continue to add suggested security improvement actions on an ongoing basis.

Previous Post Next Post