“The tyranny of the default” has been a phrase that has worried many a security professional over the years; the constant struggle to make sure their systems are configured for optimal security, which often requires them to examine each feature individually.
To help security teams keep on top of monitoring where these configurations are, we are happy to report that we are adding a new identity-based security assessment called “Unsecure domain configurations” to the growing list of Microsoft Defender for Identity posture assessments.
Configuring Active directory optimal security has always been top of mind for the Microsoft Defender for Identity team and its research them, recent attacks, such as KrbRelayUp, had repeatedly shown us how certain, often default, settings can be used against their intended purpose and result in an identity compromise.
We will be evaluating two distinct configurations as part of this assessment
This new assessment is part of our existing effort to secure your identity infrastructure alongside existing assessments such as the recommendation to disable the print spooler service on domain controllers
If you have the appropriate permissions to view the identity posture assessments, you can directly access this assessment on your tenant using this link.
We are working on adding more configurations to this Defender for Identity security posture assessments to help customers proactively secure their environments from exploitation, stay tuned!
For more information about Identity Security Posture assessments and Microsoft secure score, see
Or Tsemah, Senior Product Manager, Microsoft Defender for Identity.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.