Evaluate Secure Score
Implementation Effort: Medium – Evaluating secure score requires regular review by security teams and integration into posture management and compliance workflows.
User Impact: Low – This is a monitoring and analysis activity handled by administrators and security leads; end users are not directly affected.
Overview
Evaluating the Secure Score in Microsoft Defender for Cloud helps organizations understand and improve their cloud security posture. The secure score aggregates security findings into a single percentage-based metric, calculated based on compliance with the Microsoft Cloud Security Benchmark (MCSB). A higher score indicates a lower level of risk.
Key aspects of secure score evaluation include:
- Score Breakdown: Viewable by environment (Azure, AWS, GCP, Azure DevOps), subscription, and control category.
- Calculation Frequency: Each control is recalculated every 8 hours per Azure subscription or cloud connector 1.
- Scope: Only built-in recommendations from the MCSB affect the score. Preview recommendations are excluded but should still be remediated 1.
- Drill-Down Capability: Security teams can explore unhealthy resources and recommendations contributing to the score 2.
The secure score is accessible via the Defender for Cloud Overview dashboard and can be used to track progress over time, prioritize remediation, and benchmark against organizational goals.
This capability supports the Zero Trust principle of "Verify Explicitly" by continuously assessing the security posture of cloud environments and providing actionable insights to reduce risk.