Forum Discussion
Secure Score does not reflect settings in ASR rule
Hi,
Our secure score ist pretty low, so I followed recommendations from M365 Security Center. The setting reside in one ASR rule, but Secure Score still does not reflect my settings still stating 0% achievement. I waited nearly a week. Defender is not the primary AV, but on other tenants the same setting led to success.
Any ideas?
5 Replies
Hi, Secure Score can lag behind the actual device configuration, so I would first confirm whether the ASR rule is truly applied on endpoints.
Check these:
1. Device configuration status in Intune.
2. Defender for Endpoint device timeline or security recommendations.
3. Local policy/result on a test device.
4. Whether the rule is in Audit, Warn, or Block mode.
5. Whether the Secure Score recommendation expects a specific deployment method.
If endpoints show the ASR rule correctly but Secure Score still shows 0 after a couple of days, I would open a support ticket with screenshots from Intune, Defender, and Secure Score.
- Bogdan_GuineaSteel Contributor
It could be related to ASR reporting, which is only available when Defender runs in active (normal) mode or just a metter of time.
Take a look hier also :
Good luck!
- heinzelrumpelBrass Contributor
Hi,
we provide support for several M365 Tenants and none of them have Defender as primary AV, but all others reflect the settings made, e.g in ASR in the Secure Score.
- henry_collinsBrass Contributor
If Defender isn't the primary AV, that's often the first thing I'd check. Some Secure Score recommendations only get credited when the setting is reported by Microsoft Defender itself, even if the ASR rule appears correctly configured. I'd also verify the device is successfully reporting compliance back to Defender and that the ASR rule is enabled in the mode required by the recommendation (not just Audit mode). If everything looks correct, it may be worth opening a Microsoft support case, as Secure Score occasionally gets stuck and needs backend investigation.
- rahuljindalBronze Contributor
Have you taken action on the recommendations? If yes, how did you do implement and validate for compliance?