You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/defender-for-cloud/review-security-recommendations.md
+10-8Lines changed: 10 additions & 8 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -2,15 +2,17 @@
2
2
title: Improving your security posture with recommendations in Microsoft Defender for Cloud
3
3
description: This document walks you through how to identify security recommendations that will help you improve your security posture.
4
4
ms.topic: how-to
5
-
ms.date: 06/29/2022
5
+
ms.date: 01/10/2023
6
6
---
7
+
7
8
# Find recommendations that can improve your security posture
8
9
9
10
To improve your [secure score](secure-score-security-controls.md), you have to implement the security recommendations for your environment. From the list of recommendations, you can use filters to find the recommendations that have the most impact on your score, or the ones that you were assigned to implement.
10
11
11
12
To get to the list of recommendations:
12
13
13
14
1. Sign in to the [Azure portal](https://portal.azure.com).
15
+
14
16
1. Either:
15
17
- In the Defender for Cloud overview, select **Security posture** and then select **View recommendations** for the environment that you want to improve.
16
18
- Go to **Recommendations** in the Defender for Cloud menu.
@@ -22,7 +24,7 @@ You can learn more by watching this video from the Defender for Cloud in the Fie
22
24
23
25
## Finding recommendations with high impact on your secure score<aname="monitor-recommendations"></a>
24
26
25
-
Your [secure score is calculated](secure-score-security-controls.md?branch=main#how-your-secure-score-is-calculated) based on the security recommendations that you have implemented. In order to increase your score and improve your security posture, you have to find recommendations with unhealthy resources and [remediate those recommendations](implement-security-recommendations.md).
27
+
Your [secure score is calculated](secure-score-security-controls.md?branch=main#how-your-secure-score-is-calculated) based on the security recommendations that you've implemented. In order to increase your score and improve your security posture, you have to find recommendations with unhealthy resources and [remediate those recommendations](implement-security-recommendations.md).
26
28
27
29
The list of recommendations shows the **Potential score increase** that you can achieve when you remediate all of the recommendations in the security control.
28
30
@@ -32,13 +34,13 @@ To find recommendations that can improve your secure score:
32
34
- You can also use the search box and filters above the list of recommendations to find specific recommendations.
33
35
1. Open a security control to see the recommendations that have unhealthy resources.
34
36
35
-
When you [remediate](implement-security-recommendations.md) all of the recommendations in the security control, your secure score increases by the percentage points listed for the control.
37
+
When you [remediate](implement-security-recommendations.md) all of the recommendations in the security control, your secure score increases by the percentage point listed for the control.
36
38
37
39
## Manage the owner and ETA of recommendations that are assigned to you
38
40
39
-
[Security teams can assign a recommendation](governance-rules.md) to a specific person and assign a due date to drive your organization towards increased security. If you have recommendations assigned to you, you are accountable to remediate the resources affected by the recommendations to help your organization be compliant with the security policy.
41
+
[Security teams can assign a recommendation](governance-rules.md) to a specific person and assign a due date to drive your organization towards increased security. If you have recommendations assigned to you, you're accountable to remediate the resources affected by the recommendations to help your organization be compliant with the security policy.
40
42
41
-
Recommendations are listed as **On time** until their due date is passed, when they are changed to **Overdue**. Before the recommendation is overdue, the recommendation does not impact the secure score. The security team can also apply a grace period during which overdue recommendations continue to not impact the secure score.
43
+
Recommendations are listed as **On time** until their due date is passed, when they're changed to **Overdue**. Before the recommendation is overdue, the recommendation doesn't impact the secure score. The security team can also apply a grace period during which overdue recommendations continue to not impact the secure score.
42
44
43
45
To help you plan your work and report on progress, you can set an ETA for the specific resources to show when you plan to have the recommendation resolved by for those resources. You can also change the owner of the recommendation for specific resources so that the person responsible for remediation is assigned to the resource.
44
46
@@ -49,19 +51,19 @@ To change the owner of resources and set the ETA for remediation of recommendati
49
51
1. In the filters for list of recommendations, select **Show my items only**.
50
52
51
53
- The status column indicates the recommendations that are on time, overdue, or completed.
52
-
- The insights column indicates the recommendations that are in a grace period, so they currently do not impact your secure score until they become overdue.
54
+
- The insights column indicates the recommendations that are in a grace period, so they currently don't impact your secure score until they become overdue.
53
55
54
56
1. Select an on time or overdue recommendation.
55
57
1. For the resources that are assigned to you, set the owner of the resource:
56
58
1. Select the resources that are owned by another person, and select **Change owner and set ETA**.
57
59
1. Select **Change owner**, enter the email address of the owner of the resource, and select **Save**.
58
-
The owner of the resource gets a weekly email listing the recommendations that they are assigned to.
60
+
The owner of the resource gets a weekly email listing the recommendations that they're assigned to.
59
61
1. For resources that you own, set an ETA for remediation:
60
62
1. Select resources that you plan to remediate by the same date, and select **Change owner and set ETA**.
61
63
1. Select **Change ETA** and set the date by which you plan to remediate the recommendation for those resources.
62
64
1. Enter a justification for the remediation by that date, and select **Save**.
63
65
64
-
The due date for the recommendation does not change, but the security team can see that you plan to update the resources by the specified ETA date.
66
+
The due date for the recommendation doesn't change, but the security team can see that you plan to update the resources by the specified ETA date.
65
67
66
68
## Review recommendation data in Azure Resource Graph Explorer (ARG)
0 commit comments