MC1181656 - Microsoft Secure Score: New recommendations for Microsoft Defender for Endpoint

Introduction

We’re introducing new Microsoft Secure Score recommendations for Microsoft Defender for Endpoint (MDE) to help organizations strengthen their security posture. These recommendations are designed to proactively block common attack techniques and improve endpoint protection.

When this will happen:

Public Preview: Rollout begins in early November 2025 and is expected to complete by mid-November 2025.

How this affects your organization:

Who is affected: Admins managing Microsoft Defender for Endpoint and Microsoft Secure Score.

What’s changing:

Lightweight Directory Access Protocol (LDAP) is a protocol used to access and manage directory information, commonly for authentication and authorization in enterprise environments.

Customers in Public Preview will see the following new recommendations in Microsoft Secure Score:

1. Require LDAP client signing to prevent tampering and protect directory authentication 
2. Encrypt LDAP client traffic to protect sensitive data in transi 
3. Enforce LDAP channel binding to protect authentication sessions from interception 
4. Require LDAP server signing to ensure integrity of directory traffic

Secure Score will be updated based on the implementation of these recommendations.

What you can do to prepare:

• Review the new recommendations in Microsoft Secure Score once available.
• Complete the recommended actions to improve your organization’s security posture.
• Communicate these changes to your security and endpoint management teams.
• Learn more about Microsoft Secure Score: Microsoft Secure Score | Microsoft Defender XDR | Microsoft Defender | Microsoft Learn

Compliance considerations:

No compliance considerations identified, review as appropriate for your organization.