← Back
Microsoft Defender for Endpoint: New Microsoft Secure Score recommendations
MC1192254 · build prod-20251231-200323
Category
stayInformed
Severity
normal
Major change
False
Last modified
2025-12-05 00:43:40
Summary source
Azure OpenAI (gpt-4.1)
Action by (Graph)
Action by (AI)
2025-12-31 00:00:00
Services
Microsoft Defender XDR
Tags
Feature update, User impact, Admin impact
Master tags
Admin, Security
Roadmap IDs

One-line summary

New Microsoft Secure Score recommendations for Defender for Endpoint will appear in Public Preview at end of Dec 2025 to help block attacks and improve endpoint protection.

Similar updates

More like this

Details

Summary
New Microsoft Secure Score recommendations for Microsoft Defender for Endpoint will roll out in public preview by the end of December 2025, helping admins improve security by blocking common attacks. Admins should review and implement these recommendations, such as disabling NTLM authentication, to enhance endpoint protection.

Body (from Message Center)

We’re introducing new Microsoft Secure Score recommendations for Microsoft Defender for Endpoint (MDE) to help organizations strengthen their security posture. These recommendations are designed to proactively block common attack techniques and improve endpoint protection.

When this will happen

Public Preview: Rollout will begin at the end of December 2025 and is expected to complete by the end of December 2025.

How this affects your organization

Who is affected: Admins managing Microsoft Defender for Endpoint and Microsoft Secure Score.

What will happen

  • Customers in Public Preview will see new recommendations in Microsoft Secure Score.
  • One example recommendation is: Disable NTLM authentication for Windows workstations.
  • Secure Score will update based on the implementation of these recommendations.
What you can do to prepare
  • Review the new recommendations in Microsoft Secure Score once available.
  • Complete the recommended actions to improve your organization’s security posture.
  • Communicate these changes to your security and endpoint management teams.

Compliance considerations

No compliance considerations identified. Review as appropriate for your organization.

Raw JSON (for debugging)

Expand/collapse the full payload below.
Show/hide raw
{
  "snapshot_item": {
    "action_required_by": null,
    "ai_action_required_by": "2025-12-31T00:00:00Z",
    "ai_actions": [
      "Review new Secure Score recommendations",
      "Complete recommended security actions",
      "Communicate changes to security teams"
    ],
    "ai_master_tags": [
      "Admin",
      "Security"
    ],
    "ai_model": "gpt-4.1",
    "ai_summary": "New Microsoft Secure Score recommendations for Defender for Endpoint will appear in Public Preview at end of Dec 2025 to help block attacks and improve endpoint protection.",
    "ai_topics": [
      "Defender"
    ],
    "category": "stayInformed",
    "details_map": {
      "Summary": "New Microsoft Secure Score recommendations for Microsoft Defender for Endpoint will roll out in public preview by the end of December 2025, helping admins improve security by blocking common attacks. Admins should review and implement these recommendations, such as disabling NTLM authentication, to enhance endpoint protection."
    },
    "id": "MC1192254",
    "importance": 4,
    "is_major_change": false,
    "last_modified": "2025-12-05T00:43:40Z",
    "ms_products": [
      "Defender"
    ],
    "platforms": null,
    "roadmap_ids": [],
    "services": [
      "Microsoft Defender XDR"
    ],
    "severity": "normal",
    "tags": [
      "Feature update",
      "User impact",
      "Admin impact"
    ],
    "title": "Microsoft Defender for Endpoint: New Microsoft Secure Score recommendations"
  }
}