Microsoft Security Tech Accelerator
Dec 06 2023, 07:00 AM - 12:00 PM (PST)
Microsoft Tech Community
Secure Score by Groups Workbook
Published Oct 06 2020 07:16 AM 4,357 Views

Secure Score by Groups Workbook



The Azure Resource Graph security baseline for Microsoft Defender for Cloud and the power of Azure Monitor bring you infinite possibilities to custom Microsoft Defender for Cloud information. Consider a scenario where you want to have visibility of the Secure Score for different subscriptions that are in different regions in a single dashboard. This article explains how to leverage Azure Monitor workbooks to create that. The workbook is available in our GitHub community page and the result looks like this:

Figure 1: workbook visualizationFigure 1: workbook visualization


The queries

This workbook has two queries created using Azure Resource Graph:

  • One for obtaining the Overall Secure Score of the selected subscriptions
  • The other obtains the individual Secure Score

To obtain the individual score, use the sample query below:







| where type == ""
| extend subscriptionSecureScore = round(100 * ((todouble(properties.score.current))/ todouble(properties.score.max)))
| project subscriptionSecureScore, subscriptionId
| order by subscriptionSecureScore asc








When you run the query in ARG, you will get a similar result to this:

Figure 2: individual secure score query resultFigure 2: individual secure score query result


Behind the scenes, each security control Current Score and Maximum Score is found here:

Figure 3: current score and maximum score in ASCFigure 3: current score and maximum score in ASC


Query: overall secure score – multiple subscriptions

To get the overall secure score of more than one subscription, you can use the next query:







| where type == ""
| extend subscriptionScore = todouble(properties.score.current)/todouble(properties.score.max)
| extend subScoreXsubWeight = todouble(subscriptionScore)*todouble(properties.weight)
| summarize upperValue = sum(subScoreXsubWeight), underValue = sum(todouble(properties.weight))
| extend overallScore = round(100*((upperValue)/(underValue)))








The result would be similar to this:

Figure 4: overall secure score query resultFigure 4: overall secure score query result


Follow this blog post to see the formulas used for Microsoft Defender for Cloud Secure Score.




The Workbook Visualization

The workbook will show by default four groups. Each group has five variables: group, title, subscription picker, overall secure score, secure score per subscription.

Figure 5: workbook single groupFigure 5: workbook single group


To modify the workbook, start by clicking the Edit button:

Figure 6: edit workbookFigure 6: edit workbook



Modify Group Name

  1. Select the group you want to modify and click the Edit button.Figure 7: edit groupFigure 7: edit group
  2. At the top, click on Advanced Settings, change the Group title, and click the button Done Editing.Figure 8: change group titleFigure 8: change group title


Modify Title

  1. Go to the title and click Edit:Figure 9: modify titleFigure 9: modify title
  2. Type the title you want in a Markdown syntax, and click the button Done Editing.Figure 10: type the titleFigure 10: type the title



Create More Groups

  1. Go to any group
  2. Click on the three dots and select CloneFigure 11: clone the groupFigure 11: clone the group



Pin It to Your Azure Dashboard

  1. Your workbook must be in Edit mode, then click the Pin button.Figure 12: pin itFigure 12: pin it


  2. Click on Pin All to send each component of your groups to the dashboard.Figure 13: pin allFigure 13: pin all


  3. Click either on Existing or Create New and choose your Dashboard Name. Then click Create And Pin.Figure 14: pin to dashboardFigure 14: pin to dashboard


  4. You will see a message saying it was successfully pinned. Click on that and start customizing your dashboard.Figure 15: successful messageFigure 15: successful message



  5. Customize your dashboard by clicking the Edit button and moving the information squares.Figure 16: edit dashboardFigure 16: edit dashboard


     Figure 17: done customizing dashboardFigure 17: done customizing dashboard




Next Steps

Try it out and share your experience. The workbook is published here in the Microsoft Defender for Cloud GitHub repository.







Miri Landau, Senior PM, Microsoft Defender for Cloud Engineering

Yuri Diogenes, Principal PM, CxE Security ASC


Version history
Last update:
‎Oct 28 2021 02:07 PM
Updated by: