You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: defender-endpoint/attack-surface-reduction-rules-report.md
+22-7Lines changed: 22 additions & 7 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -58,15 +58,30 @@ For more information about individual attack surface reduction rules, see [Attac
58
58
59
59
To access the attack surface reduction rules report in the Microsoft Defender portal, the following permissions are required:
60
60
61
-
| Permission type | Permission | Permission display name |
62
-
|:---|:---|:---|
63
-
| Application |`Machine.Read.All`|`Read all machine profiles`|
64
-
| Delegated (work or school account) |`Machine.Read`|`Read machine information`|
61
+
| Permission name | Permission type |
62
+
|:---|:---|
63
+
| View Data | Security operations |
64
+
65
+
> [!IMPORTANT]
66
+
> Microsoft recommends that you use roles with the fewest permissions. This helps improve security for your organization. Global Administrator is a highly privileged role that should be limited to emergency scenarios when you can't use an existing role.
67
+
68
+
69
+
To Assign these permissions:
70
+
71
+
1. Sign in to the <ahref="https://go.microsoft.com/fwlink/p/?linkid=2077139"target="_blank">Microsoft Defender portal</a> using account with Security administrator or Global administrator role assigned.
72
+
73
+
1. In the navigation pane, select **Settings**\>**Endpoints**\>**Roles** (under **Permissions**).
74
+
75
+
1. Select the role you'd like to edit.
76
+
77
+
1. Select **Edit**.
78
+
79
+
1. In **Edit role**, on the **General** tab, in **Role name**, type a name for the role.
80
+
81
+
1. In **Description** type a brief summary of the role.
65
82
66
-
You can assign permissions by using Microsoft Entra ID or the Microsoft Defender portal.
83
+
1. In **Permissions**, select **View Data**, and under **View Data** select **Security operations**.
67
84
68
-
- To use Microsoft Entra ID, see [Assign Microsoft Entra roles to users](/entra/identity/role-based-access-control/manage-roles-portal)
69
-
- To use the Microsoft Defender portal, see [Assign user access](assign-portal-access.md).
70
85
71
86
## Navigate to the attack surface reduction rules report
0 commit comments