MC810408 - New: Microsoft Defender for Endpoint: Removing a recommendation to update Microsoft Secure Score

We’re updating the Microsoft Secure Score improvement action of Microsoft Defender for Endpoint (MDE) to ensure a more accurate representation of security posture.

As part of this update, we will withdraw the MDE recommendation in SCID-2051: Turn on Microsoft Defender Application Guard managed mode.

We are working to refine the recommendation, ensuring it aligns more accurately with recommended policies and enhances the overall security value.

When this will happen:

Targeted Release: We will begin rolling out in mid-July 2024 and expect to complete by mid-July 2024.

General Availability (Worldwide, GCC, GCC High, DoD): We will begin rolling out in late July 2024 and expect to complete by mid-August 2024.

How this will affect your organization:

Before the rollout: The “Turn on Microsoft Defender Application Guard managed mode” recommendation appears in MDE.

After the rollout: We will remove the “Turn on Microsoft Defender Application Guard managed mode” recommendation from MDE and update the security score for each organization.

This update is available by default and accessible to all Microsoft Defender for Endpoint customers.

CID-2051 – Turn on Microsoft Defender Application Guard managed mode will be removed:

What you need to do to prepare:

This rollout will happen automatically by the specified date with no admin action required before the rollout. You may want to notify your users about this change and update any relevant documentation.