You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: ATPDocs/security-assessment.md
+5-5Lines changed: 5 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -9,13 +9,13 @@ ms.topic: how-to
9
9
10
10
Typically, organizations of all sizes have limited visibility into whether or not their on-premises apps and services could introduce a security vulnerability to their organization. The problem of limited visibility is especially true regarding use of unsupported or outdated components.
11
11
12
-
While your company may invest significant time and effort on hardening identities and identity infrastructure (such as Active Directory, Active Directory Connect) as an on-going project, it's easy to remain unaware of common misconfigurations and use of legacy components that represent one of the greatest threat risks to your organization.
12
+
While your company may invest significant time and effort on hardening identities and identity infrastructure (such as Active Directory, Active Directory Connect) as an ongoing project, it's easy to remain unaware of common misconfigurations and use of legacy components that represent one of the greatest threat risks to your organization.
13
13
14
14
Microsoft security research reveals that most identity attacks utilize common misconfigurations in Active Directory and continued use of legacy components (such as NTLMv1 protocol) to compromise identities and successfully breach your organization. To combat this effectively, Microsoft Defender for Identity now offers proactive identity security posture assessments to detect and recommend actions across your on-premises Active Directory configurations.
15
15
16
16
## What do Defender for Identity security assessments provide?
17
17
18
-
Defender for Identity's security posture assessments are available in [Microsoft Secure Score](/microsoft-365/security/defender/microsoft-secure-score), and provide:
18
+
Defender for Identity security posture assessments are available in [Microsoft Secure Score](/microsoft-365/security/defender/microsoft-secure-score), and provide:
19
19
20
20
-**Detections and contextual data** on known exploitable components and misconfigurations, along with relevant paths for remediation.
21
21
@@ -28,17 +28,17 @@ Microsoft Secure Score is a measurement of an organization's security posture, w
28
28
### Categorization of MDI security posture assessments
29
29
30
30
For a deeper understanding of identity security risks and how to address them, Defender for Identity security posture assessments are categorized into five key areas:
31
-
-**Hybrid security**: Addresses the unique challenges and security considerations of integrating on-premises and cloud-based identity systems in hybrid environments including those associated with Entra Connect.
31
+
-**Hybrid security**: Addresses the unique challenges and security considerations of integrating on-premises and cloud-based identity systems in hybrid environments including Entra Connect.
32
32
-**Identity infrastructure**: Focuses on resolving misconfigurations and vulnerabilities in core identity components, such as domain controllers.
33
33
-**Certificates**: Identifies security gaps in Active Directory Certificate Services (AD CS) that could enable unauthorized access due to improper certificate management.
34
-
-**Group policy**: Identifies risky Group Policy configurations that could lead to privilege escalation or lateral movement within the network, ensuring that Group Policy settings are secure and do not introduce additional risks.
34
+
-**Group policy**: Identifies risky Group Policy configurations that could lead to privilege escalation or lateral movement within the network, ensuring that Group Policy settings are secure and don't introduce other risks.
35
35
-**Accounts**: Covers security issues related to Active Directory (AD) users, devices, and groups such as old passwords, dormant accounts, and other related vulnerabilities.
36
36
37
37
## Access Defender for Identity security posture assessments
38
38
39
39
You must have a Defender for Identity license to view Defender for Identity security posture assessments in Microsoft Secure Score.
40
40
41
-
While *certificate template* assessments are available to all customers that have AD CS installed on their environment, *certificate authority* assessments are available only to customers who've installed a sensor on an AD CS server. For more information, see [Configuring sensors for AD FS and AD CS](deploy/active-directory-federation-services.md).
41
+
While *certificate template* assessments are available to all customers that have AD CS installed on their environment, *certificate authority* assessments are available only to customers who have installed a sensor on an AD CS server. For more information, see [Configuring sensors for AD FS and AD CS](deploy/active-directory-federation-services.md).
0 commit comments