Is it Possible to Remove the Defender for Endpoint category from the Secure Score calculation?

Copper Contributor




First time posting here. This has been bugging me for a while so wanted to see if anyone has some insights. 

Most of our clients have Business Premium at this point and we have been working on improving each tenant's Microsoft Secure Score. Most are doing well in the 80s with about 237.49/287 points achieved. I noticed that the Secure Score items are broken into 3 categories: Identity, Data, and Apps.


However one client, has an extra category in addition to Identity, Data, and Apps: Devices. Also the product "Defender for Endpoint" causes an extra 100 or so items to show up in the list of recommended actions. As a result their score is much lower: about 55% with 602.29/1084 points achieved. There doesn't seem to be much of a difference between tenants as far as devices that are joined to Entra ID or any particular setting.


So my question is: what triggered this other category to be included in the Secure Score and is it possible to turn it off. We would prefer to keep managing EDR with a 3rd party AV.




0 Replies