Microsoft Defender for Identity: New recommendations for Microsoft Secure Score
Microsoft Defender for Identity will add new Secure Score improvement actions by late 2025 to better identify identity risks. These include identifying privileged service accounts, removing stale AD accounts, and disabling Entra Seamless SSO. No admin action is needed, but review configurations and notify security teams.
Introduction
To improve the accuracy of Microsoft Secure Score and better reflect your organization’s security posture, we’re updating the improvement actions related to Microsoft Defender for Identity. This update introduces new posture recommendations that will appear as Secure Score improvement actions, helping you identify and remediate potential identity risks more effectively.
When this will happen:
- Public Preview: Begins mid-October 2025; expected completion by mid-November 2025.
- General Availability (Worldwide, GCC, GCC High, DoD): Begins late October 2025; expected completion by late November 2025.
How this affects your organization:
Who is affected: Organizations with Microsoft Defender for Identity sensors installed in their identity infrastructure.
What will happen:
- New posture recommendations will be added to Microsoft Secure Score as improvement actions:
  - Identify service accounts in privileged groups
  - Remove stale Active Directory accounts
  - Identify Entra ID privileged accounts that are also privileged in Active Directory
  - Locate accounts in built-in Operator Groups
  - Disable Entra Seamless SSO
- These recommendations will be available by default.
- Your Secure Score will update automatically based on these new actions.
What you can do to prepare:
- No admin action is required before or after rollout.
- Review your current configuration to assess potential impact.
- Notify your identity and security admins about the upcoming changes.
- Update any internal documentation that references Secure Score or Defender for Identity.
- Regularly review Secure Score improvement actions to stay informed of new recommendations.
Learn more: Microsoft Secure Score documentation
Compliance considerations:
No compliance considerations identified; review as appropriate for your organization.
Message ID: MC1154297