MC1130384 - Microsoft Defender for Identity: New recommendations added to Microsoft Secure Score

Service

Microsoft Defender XDR

Published

Aug 6, 2025

Tag

Feature update

Summary

Microsoft Secure Score will add new improvement actions based on Microsoft Defender for Identity recommendations, rolling out from mid-August to late October 2025. These include removing inactive service accounts and discovered passwords. No admin action is needed; updates appear if a Defender for Identity sensor is deployed.

More information

Introduction

We’re enhancing Microsoft Secure Score by introducing new improvement actions based on Microsoft Defender for Identity posture recommendations. These updates provide a more accurate reflection of your organization’s identity security posture and help strengthen your overall security configuration.

When this will happen

  • Public Preview: Rollout begins mid-August 2025 and completes by mid-September 2025.
  • General Availability: Rollout begins mid-September 2025 and completes by late October 2025. Applies to Worldwide, GCC, GCC High, and DoD environments.

How this affects your organization

New posture recommendations will appear in Microsoft Secure Score as improvement actions. These include:

  • Remove inactive service accounts
  • Remove discovered passwords in Active Directory account attributes

These recommendations will be visible only if your tenant has a Defender for Identity sensor deployed in your identity infrastructure. The update is enabled by default and requires no configuration changes.

What you can do to prepare

  • No admin action is required before or after rollout.
  • Review your current identity configuration to assess potential impact.
  • Notify relevant administrators and update internal documentation as needed.
  • Regularly review Microsoft Secure Score to monitor and act on new improvement suggestions.

Compliance considerations

No compliance considerations identified, review as appropriate for your organization.