MC1154297 – Microsoft Defender for Identity: New recommendations for Microsoft Secure Score

Product:

Defender, Defender for Identity, Defender XDR, Entra, Microsoft 365 Groups

Platform:

Online, US Instances, World tenant

Status:

Change type:

Feature update, Admin impact

Links:

Details:

Summary:
Microsoft Defender for Identity will add new Secure Score improvement actions by late 2025 to better identify identity risks. These include identifying privileged service accounts, removing stale AD accounts, and disabling Entra Seamless SSO. No admin action is needed, but review configurations and notify security teams.

Details:
[Introduction]
To improve the accuracy of Microsoft Secure Score and better reflect your organization's security posture, we're updating the improvement actions related to Microsoft Defender for Identity. This update introduces new posture recommendations that will appear as Secure Score improvement actions, helping you identify and remediate potential identity risks more effectively.
[When this will happen:]
Public Preview: Begins mid-October 2025; expected completion by mid-November 2025.
General Availability (Worldwide, GCC, GCC High, DoD): Begins late October 2025; expected completion by late November 2025.

Change Category:
XXXXXXX ... free basic plan only

Scope:
XXXXXXX ... free basic plan only

Release Phase:

Created:
2025-09-17

updated:
2025-09-17

Task Type

XXXXXXX ... free basic plan only

Docu to Check

XXXXXXX ... free basic plan only

MS How does it affect me

XXXXXXX ... free basic plan only

MS Preperations

XXXXXXX ... free basic plan only

MS Urgency

XXXXXXX ... free basic plan only

MS workload name

XXXXXXX ... free basic plan only

summary for non-techies**

XXXXXXX ... free basic plan only

Direct effects for Operations**

Identity Risk Management
Failure to review and implement new recommendations may lead to unaddressed identity risks, such as stale accounts or misconfigured privileged accounts, increasing vulnerability to security breaches.
   - roles: Security Admin, IT Manager
   - references: https://learn.microsoft.com/microsoft-365/security/mtp/microsoft-secure-score

User Access Issues
Disabling Entra Seamless SSO without preparation could lead to user access issues, causing disruptions in user experience and productivity as users may face difficulties logging in.
   - roles: End User, Help Desk Support
   - references: https://learn.microsoft.com/microsoft-365/security/mtp/microsoft-secure-score

Configutation Options**

XXXXXXX ... paid membership only

Data Protection**

XXXXXXX ... paid membership only

IT Security**

XXXXXXX ... paid membership only

explanation for non-techies**

Imagine your organization's security system as a fortress. Just like a fortress needs regular inspections to ensure its defenses are strong, your IT security setup requires regular updates and improvements to stay robust against potential threats. Microsoft Defender for Identity is like a team of inspectors that helps you find weak spots in your security fortress.

By late 2025, Microsoft is introducing new "inspection points" to better identify risks related to identity, which is like checking the credentials of everyone who has access to your fortress. These inspection points will help you spot things like service accounts with too much power, old accounts that should be closed, and any accounts that might have unnecessary access to sensitive areas.

Think of Microsoft Secure Score as a report card for your fortress's security. The new updates will automatically add these inspection points to your report card, helping you see where improvements are needed. Just like a fortress commander would want to know about any vulnerabilities, it's important for your security team to be aware of these updates.

You don't need to do anything special to prepare for these changes, but it's a good idea to review your current setup to understand how these new inspection points might affect your security score. Inform your security team so they can keep an eye on these updates and make any necessary adjustments to maintain a strong defense.

Remember, just like maintaining a fortress, keeping your IT security strong is an ongoing process. Regularly checking your Secure Score will help ensure your organization remains protected against potential threats.