check before: 2024-09-15
Product:
Defender, Defender for Identity, Defender XDR, Entra
Platform:
Online, US Instances, World tenant
Status:
Change type:
Feature update, Admin impact
Links:
Details:
Summary:
Microsoft is updating Microsoft Secure Score by removing a Defender for Identity recommendation to better reflect security posture. The removal will not affect Secure Scores and requires no admin action. Notification to users and documentation updates are suggested. Rollout will occur mid to late September 2024.
Details:
We're updating Microsoft Secure Score improvement actions for Microsoft Defender for Identity to ensure a more accurate representation of your security posture.
As part of this update, we will withdraw this Microsoft Defender for Identity recommendation: Remove Resource Based Constrained Delegation for Microsoft Entra seamless SSO account.
This rollout is part of our work to refine the recommendations report, to ensure it aligns more accurately with recommended policies and enhances the overall security value.
[When this will happen:]
(Worldwide, GCC, DoD) We will begin rolling out mid-September 2024 and expect to complete by late September 2024.
Change Category:
XXXXXXX ... free basic plan only
Scope:
XXXXXXX ... free basic plan only
Release Phase:
Created:
2024-09-19
updated:
2024-09-19
Task Type
XXXXXXX ... free basic plan only
Docu to Check
XXXXXXX ... free basic plan only
MS How does it affect me
XXXXXXX ... free basic plan only
MS Preperations
XXXXXXX ... free basic plan only
MS Urgency
XXXXXXX ... free basic plan only
MS workload name
XXXXXXX ... free basic plan only
summary for non-techies**
Microsoft is updating Microsoft Secure Score by removing the recommendation to eliminate "Resource Based Constrained Delegation" for a specific account, effective automatically between mid to late September 2024, without impacting the overall Secure Score.
Direct effects for Operations**
Removal of Defender for Identity Recommendation
The removal of the Defender for Identity recommendation may lead to confusion among users regarding their security posture, as they may not understand why a previously recommended action is no longer present.
- roles: Security Administrators, End Users
- references: https://techcommunity.microsoft.com/t5/security-compliance-identity/microsoft-defender-xdr-services-removing-defender-for-identity/ba-p/3851230
User Notification and Documentation Updates
Failure to notify users about the change may result in a lack of awareness, leading to potential security oversights or misinterpretations of the security score.
- roles: IT Support Staff, End Users
- references: https://techcommunity.microsoft.com/t5/security-compliance-identity/microsoft-defender-xdr-services-removing-defender-for-identity/ba-p/3851230
Configutation Options**
XXXXXXX ... paid membership only
IT Security**
XXXXXXX ... paid membership only
explanation for non-techies**
XXXXXXX ... free basic plan only
** AI generated content. This information must be reviewed before use.
a free basic plan is required to see more details. Sign up here
A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.