Forum Discussion

heinzelrumpel's avatar
heinzelrumpel
Brass Contributor
Jun 23, 2026

Secure Score does not reflect settings in ASR rule

Hi,

Our secure score ist pretty low, so I followed recommendations from M365 Security Center. The setting reside in one ASR rule, but Secure Score still does not reflect my  settings still stating 0% achievement. I waited nearly a week. Defender is not the primary AV, but on other tenants the same setting led to success.

Any ideas?

5 Replies

  • Hi, Secure Score can lag behind the actual device configuration, so I would first confirm whether the ASR rule is truly applied on endpoints.

     

    Check these:

     

    1. Device configuration status in Intune.

    2. Defender for Endpoint device timeline or security recommendations.

    3. Local policy/result on a test device.

    4. Whether the rule is in Audit, Warn, or Block mode.

    5. Whether the Secure Score recommendation expects a specific deployment method.

     

    If endpoints show the ASR rule correctly but Secure Score still shows 0 after a couple of days, I would open a support ticket with screenshots from Intune, Defender, and Secure Score.

    • heinzelrumpel's avatar
      heinzelrumpel
      Brass Contributor

      Hi,

      we provide support for several M365 Tenants and none of them have Defender as primary AV, but all others reflect the settings made, e.g in ASR in the Secure Score.

  • henry_collins's avatar
    henry_collins
    Brass Contributor

    If Defender isn't the primary AV, that's often the first thing I'd check. Some Secure Score recommendations only get credited when the setting is reported by Microsoft Defender itself, even if the ASR rule appears correctly configured. I'd also verify the device is successfully reporting compliance back to Defender and that the ASR rule is enabled in the mode required by the recommendation (not just Audit mode). If everything looks correct, it may be worth opening a Microsoft support case, as Secure Score occasionally gets stuck and needs backend investigation.

  • rahuljindal's avatar
    rahuljindal
    Bronze Contributor

    Have you taken action on the recommendations? If yes, how did you do implement and validate for compliance?