You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: ATPDocs/security-assessment.md
+9-8Lines changed: 9 additions & 8 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -25,14 +25,15 @@ Defender for Identity security posture assessments are available in [Microsoft S
25
25
26
26
Microsoft Secure Score is a measurement of an organization's security posture, with a higher number indicating more recommended actions taken. It can be found at <https://security.microsoft.com/securescore> in the [Microsoft Defender portal](/microsoft-365/security/defender/microsoft-365-defender).
27
27
28
-
### Categorization of MDI security posture assessments
29
-
30
-
For a deeper understanding of identity security risks and how to address them, Defender for Identity security posture assessments are categorized into five key areas:
31
-
-**Hybrid security**: Addresses security considerations in hybrid environments including Entra Connect.
32
-
-**Identity infrastructure**: Focuses on resolving misconfigurations and vulnerabilities in core identity components, such as domain controllers.
33
-
-**Certificates**: Identifies security gaps in Active Directory Certificate Services (AD CS) that could enable unauthorized access due to improper certificate management.
34
-
-**Group policy**: Identifies risky Group Policy configurations that could lead to privilege escalation or lateral movement within the network, ensuring that Group Policy settings are secure and don't introduce other risks.
35
-
-**Accounts**: Covers security issues related to Active Directory (AD) users, devices, and groups such as old passwords, dormant accounts, and other related vulnerabilities.
28
+
### Categorization of Defender for Identity security posture assessments
29
+
30
+
Defender for Identity security posture assessments are divided into five key categories, each addressing specific identity security risks and providing remediation guidance:
31
+
32
+
-**Hybrid security**: Identifies misconfigurations in environments that integrate both on-premises (e.g., Active Directory) and cloud-based identity providers (e.g., Entra ID, Okta). Assesses risks related to synchronization, authentication, and authorization across platforms.
33
+
-**Identity infrastructure**: Detects misconfigurations and vulnerabilities in core identity components, including domain controllers.
34
+
-**Certificates**: Assesses Active Directory Certificate Services (AD CS) for security gaps, such as misconfigured certificate templates or weak certificate authority settings. Identifying and addressing these issues helps prevent unauthorized access that could arise from certificate-related vulnerabilities.
35
+
-**Group policy**: Analyzes Group Policy configurations to identify settings that might allow privilege escalation or unauthorized lateral movement within the network. Ensuring secure Group Policy settings helps maintain proper access controls and system configurations.
36
+
-**Accounts**: Reviews Active Directory users, devices, and groups to pinpoint security risks such as weak passwords, inactive accounts, or improper permissions.
36
37
37
38
## Access Defender for Identity security posture assessments
0 commit comments