Understand Microsoft Secure Score
The Secure Score is a holistic view of the Microsoft Secure Score (365), which is a measurement of an organization's security posture, with a higher number indicating more recommended actions taken, and the Cloud Secure score (Risk based), that is a representation of your organizations cloud security posture. They're part of the Exposure Management tools in the Microsoft Defender portal.
Following the Secure Score recommendations can protect your organization from threats. From a centralized dashboard in the Microsoft Defender portal, organizations can monitor and work on the security of their Microsoft 365 identities, apps, and devices.
Organizations gain access to robust visualizations of metrics and trends, integration with other Microsoft products, score comparison with similar organizations, and much more. The score can also reflect when third-party solutions have addressed recommended actions.
Products included in Secure Score
Currently there are recommendations for the following products:
- Microsoft Defender for Office
- Exchange Online
- Microsoft Entra ID
- Microsoft Defender for Endpoint
- Microsoft Defender for Identity
- Microsoft Defender for Cloud Apps
- Microsoft Purview Information Protection
- Defender for Cloud Apps
- Microsoft Teams
- App governance
- Citrix ShareFile
- Docusign
- GitHub
- Okta
- Salesforce
- ServiceNow
- SharePoint Online
- Zoom
You can also mark the improvement actions as covered by a third party or alternate mitigation.
Take action to improve your score
The Recommended actions tab lists the security recommendations that address possible attack surfaces. It also includes their status (to address, planned, risk accepted, resolved through third party, resolved through alternate mitigation, and completed). You can search, filter, and group all the improvement actions.