You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/security-center/secure-score-security-controls.md
+4-21Lines changed: 4 additions & 21 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -52,34 +52,17 @@ The contribution of each Security Control towards the overall Secure Score is sh
52
52
53
53
To get all the possible points for a Security Control, all your resources must comply with all of the security recommendations within the Security Control. For example, Security Center has multiple recommendations regarding how to secure your management ports. In the past, you could remediate some of those related and interdependent recommendations while leaving others unsolved, and your Secure Score would improve. When looked at objectively, it's easy to argue that your security hadn't improved until you had resolved them all. Now, you must remediate them all to make a difference to your Secure Score.
54
54
55
-
For example, the Security Control called "Apply system updates" has a maximum score of six points:
55
+
For example, the Security Control called "Apply system updates" has a maximum score of six points which you can see in the tooltip on the potential increase value of the control:
If you have three virtual machines, each one can potentially contribute a score of 0 or 2 (since it must meet all recommendations).
57
+
[](media/secure-score-security-controls/apply-system-updates-control.png#lightbox)
60
58
61
59
### Calculations
62
60
63
-
***Secure Score** (Single subscription)
64
-
* Calculation: (Sum of your current points / sum of the maximum score available) * 100
65
-
* Example:
66
-
67
-
68
-
69
-
In this example, there is a single subscription with all Security Controls available (a potential maximum score of 60 points). The score shows 27 points out of a possible 60 and that is reflected in the figures on the recommendations page.
70
-
71
-
72
-
73
-
74
-
75
61
|Metric|Calculation|Example|
76
62
|-|-|-|
77
-
|**Secure Score**<br>Single subscription|(Sum of your current points /<br> sum of the maximum score available)<br> * 100|<br>In this example, there is a single subscription with all Security Controls available (a potential maximum score of 60 points). The score shows 27 points out of a possible 60 and that is reflected in the figures on the recommendations page.<br>|
78
-
|**Secure Score**<br>Multiple subscriptions|||
63
+
|**Secure Score**<br>Single subscription|(Sum of your current points /<br> sum of the maximum score available)<br> * 100|<br>In this example, there is a single subscription with all Security Controls available (a potential maximum score of 60 points). The score shows 27 points out of a possible 60 and the remaining 32 points are reflected in the "Potential score increase" figures of the Security Controls.<br>|
64
+
|**Secure Score**<br>Multiple subscriptions|(Sum of your current points for all resources in all subscriptions/<br> sum of the maximum score available)<br> * 100|When viewing multiple subscriptions, Secure Score evaluates all resources within all enabled policies and groups their combined impact on each Security Control's maximum score.<br><br>The combined scoer is **not** an average; rather it's the evaluated posture of the status of all resources across all subscriptions.<br>Here too, if you go to the recommendations page and add up the potential points available, you will find that it's the difference between the current score (24) and the maximum score available (60).|
79
65
80
-
* = The
81
-
* Secure Score (percentage) =
82
-
* When viewing multiple subscriptions, Secure Score evaluates all resources within all enabled policies and produces the value and percentage as above
0 commit comments