Microsoft is updating Microsoft Secure Score improvement actions for Defender for Identity, adding new recommendations such as installing sensors on ADCS, Entra Connect, and ADFS servers, and changing gMSA and sMSA account passwords. The rollout starts in March 2025, with no admin action required. Review configurations and notify admins.
We’re updating Microsoft Secure Score improvement actions of Microsoft Defender for Identity to ensure a more accurate representation of security posture. This rollout includes new posture recommendations that will be added as Microsoft Secure Score improvement actions and recommendations:
When this will happen:
Public Preview: We will begin rolling out mid-March 2025 and expect to complete by mid-April 2025.
General Availability (Worldwide, GCC, GCC High, DoD): We will begin rolling out late March 2025 and expect to complete by late April 2025.
How this will affect your organization:
These new security posture reports will be available only if your tenant has a Defender for Identify sensor installed your identity infrastructure.
This update is available by default.
What you need to do to prepare:
This rollout will happen automatically by the specified date with no admin action required. Your score will be updated accordingly.
Review your current configuration to determine the impact for your organization. You may want to notify your admins about this change and update any relevant documentation.
Microsoft recommends reviewing the improvement actions listed in Microsoft Secure Score. We will continue to add suggested security improvement actions on an ongoing basis.