Microsoft Defender for Identity: New recommendations added to Microsoft Secure Score

Originally posted by Microsoft Sep 19, 2025 Uncategorized 0 Comments

Microsoft Secure Score will add new improvement actions based on Microsoft Defender for Identity recommendations for PingOne, rolling out from October to December 2025. These default-enabled actions target PingOne privileged account security, requiring no admin changes but encouraging review and monitoring by organizations with PingOne connectors.

Introduction:

We’re enhancing Microsoft Secure Score by introducing new improvement actions based on Microsoft Defender for Identity posture recommendations for PingOne. These updates provide a more accurate reflection of your organization’s identity security posture and help strengthen your overall security configuration.

When this will happen:

  • Public Preview: Rollout begins in late October 2025 and completes by mid-November 2025.
  • General Availability (Worldwide, GCC, GCC High, and DoD): Rollout begins in late November 2025 and completes by mid-December 2025.

How this affects your organization:

Who is affected: Tenants with a PingOne connector configured for Microsoft Defender for Identity.

What will happen:

New posture recommendations will appear in Microsoft Secure Score as improvement actions:

user settingsView image in new tab

These recommendations are enabled by default and require no configuration changes.

What you can do to prepare:

  • No admin action is required before or after rollout.
  • Review your current identity configuration to assess potential impact.
  • Notify relevant administrators and update internal documentation as needed.
  • Regularly review Microsoft Secure Score to monitor and act on new improvement suggestions.

Compliance considerations:

No compliance considerations identified, review as appropriate for your organization.

  • Limit the number of PingOne accounts with organization admin role
  • Assign multi-factor authentication for PingOne privileged user accounts:

    user settingsView image in new tab

  • Change password for PingOne privileged user accounts
  • Remove stale PingOne privileged accounts
  • High number of PingOne accounts with a privileged role assigned

Message ID: MC1155429

Comments are closed.

Joao Ferreira

I've been working with Microsoft Technologies over the last ten years, mainly focused on creating collaboration and productivity solutions that drive the adoption of Microsoft Modern Workplace.

%d bloggers like this: