You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/defender-for-cloud/upcoming-changes.md
+27-1Lines changed: 27 additions & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -2,7 +2,7 @@
2
2
title: Important upcoming changes
3
3
description: Upcoming changes to Microsoft Defender for Cloud that you might need to be aware of and for which you might need to plan.
4
4
ms.topic: overview
5
-
ms.date: 04/03/2024
5
+
ms.date: 06/03/2024
6
6
---
7
7
8
8
# Important upcoming changes to Microsoft Defender for Cloud
@@ -25,6 +25,7 @@ If you're looking for the latest release notes, you can find them in the [What's
25
25
26
26
| Planned change | Announcement date | Estimated date for change |
27
27
|--|--|--|
28
+
|[Changes to identity recommendations](#changes-to-identity-recommendations)| June 3, 2024 | July 2024 |
28
29
|[Removal of FIM over AMA and release of new version over Defender for Endpoint](#removal-of-fim-over-ama-and-release-of-new-version-over-defender-for-endpoint)| May 1, 2024 | June 2024 |
29
30
|[Deprecation of system update recommendations](#deprecation-of-system-update-recommendations)| May 1, 2024 | May 2024 |
30
31
|[Deprecation of MMA related recommendations](#deprecation-of-mma-related-recommendations)| May 1, 2024 | May 2024 |
@@ -46,6 +47,31 @@ If you're looking for the latest release notes, you can find them in the [What's
46
47
|[Deprecating two security incidents](#deprecating-two-security-incidents)|| November 2023 |
47
48
|[Defender for Cloud plan and strategy for the Log Analytics agent deprecation](#defender-for-cloud-plan-and-strategy-for-the-log-analytics-agent-deprecation)|| August 2024 |
48
49
50
+
## Changes to identity recommendations
51
+
52
+
**Announcement date: June 3, 2024**
53
+
54
+
**Estimated date for change: July 2024**
55
+
56
+
These changes:
57
+
58
+
- The assessed resource will become the identity instead of the subscription
59
+
- The recommendations won't have 'sub-recommendations' anymore
60
+
- The value of the 'assessmentKey' field in the API will be changed for those recommendations
61
+
62
+
Will be applied to the following recommendations:
63
+
64
+
- Accounts with owner permissions on Azure resources should be MFA enabled
65
+
- Accounts with write permissions on Azure resources should be MFA enabled
66
+
- Accounts with read permissions on Azure resources should be MFA enabled
67
+
- Guest accounts with owner permissions on Azure resources should be removed
68
+
- Guest accounts with write permissions on Azure resources should be removed
69
+
- Guest accounts with read permissions on Azure resources should be removed
70
+
- Blocked accounts with owner permissions on Azure resources should be removed
71
+
- Blocked accounts with read and write permissions on Azure resources should be removed
72
+
- A maximum of 3 owners should be designated for your subscription
73
+
- There should be more than one owner assigned to your subscription
74
+
49
75
## Removal of FIM over AMA and release of new version over Defender for Endpoint
0 commit comments