cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED

Secure Score and New Intune Category Additions

Damir
Brass Contributor

‎May 19 2023 07:08 AM

‎May 19 2023 07:08 AM

Secure Score and New Intune Category Additions

Hello,

 

Our Secure Score added several Intune related items end of April 2023. Items such as "require screen time lockout", "require device encryption", "block jail broken devices", "require device PIN" etc... simple stuff. Items that we already had set up via Intune compliance policies and config profiles for years.

 

The problem is that the recommendations are not reflecting or updating based on our setup, so we are not getting completion credit for items that are already set up. Worse yet if I manually edit one of these new to us Intune recommendations and mark as mitigated through alternate it saves and then on page reload the change is immediately lost.

 

We have been using Intune for several years so these recommendations I assume did not show up due to any "new" changes or services added on our end.

 

Is this a bug or is there something wrong with our tenant? If so is there a contact address to reach out to anyone can suggest?

 

Thanks

1,325 Views
3 Likes
6 Replies
Reply
6 Replies
ltfalconius

‎May 23 2023 04:12 AM

‎May 23 2023 04:12 AM

Re: Secure Score and New Intune Category Additions

@Damir we experience the exact same issue with the newly added actions.

i opened up a service request for that allready: 2305161420000166

0 Likes
Reply
dbarcelona

‎May 25 2023 01:19 PM

‎May 25 2023 01:19 PM

Re: Secure Score and New Intune Category Additions

I'm observing the same issue and would be interested in learning about any resolution you receive.

Thanks
1 Like
Reply
Damir

‎May 25 2023 01:22 PM

‎May 25 2023 01:22 PM

Re: Secure Score and New Intune Category Additions

I too opened a ticket and sent over some details to support with examples of what is going yestarday on but no feedback/resolution yet.
0 Likes
Reply
best response confirmed by Damir (Brass Contributor)
MzPhoenix

‎Jul 19 2023 09:10 AM

‎Jul 19 2023 09:10 AM

Solution

Re: Secure Score and New Intune Category Additions

@Damir 

Per the Secure Score update blog at https://learn.microsoft.com/en-us/microsoft-365/security/defender/microsoft-secure-score-whats-new?v...

This was an intended change for all tenancies with an active "Defender for Cloud Apps" license. Can confirm these new controls are only present in tenancies with this license as I have a mix of customers with and without it.

I can't for the life of me comprehend why so many "Intune" items were put under a "Defender for Cloud Apps" requirement since in theory you could have Defender for Cloud Apps WITHOUT an active Intune license and/or using/enrolling any devices in intune.

Furthermore, from my testing these items are completely broken at the moment. Their "Implementation" information is laughable and getting credit for them is incredibly inconsistent. At the moment I am recommending to my team we mark all of them as "Alternate Mitigation" and move on with our lives.

It's an embarrassment that this half-baked update was pushed to production. Microsoft should pull this back and fix all of these.

1 Like
Reply
Damir

‎Jul 19 2023 09:41 AM - edited ‎Jul 19 2023 09:41 AM

‎Jul 19 2023 09:41 AM - edited ‎Jul 19 2023 09:41 AM

Re: Secure Score and New Intune Category Additions

@MzPhoenixthat is good to know that something did change and it wasn't just us imagining things. Agree on all your points and yes we've gone down the Alternate Mitigation route ourselves as a "solution".

0 Likes
Reply
Urvi_Lad

‎Jul 31 2023 05:19 PM

‎Jul 31 2023 05:19 PM

Re: Secure Score and New Intune Category Additions

Yes we have same issue. I have opened case with MS Defender support twice but no correct and satisfactory answer received yet.
0 Likes
Reply
1 best response

Accepted Solutions
best response confirmed by Damir (Brass Contributor)
MzPhoenix

‎Jul 19 2023 09:10 AM

‎Jul 19 2023 09:10 AM

Solution

Re: Secure Score and New Intune Category Additions

@Damir 

Per the Secure Score update blog at https://learn.microsoft.com/en-us/microsoft-365/security/defender/microsoft-secure-score-whats-new?v...

This was an intended change for all tenancies with an active "Defender for Cloud Apps" license. Can confirm these new controls are only present in tenancies with this license as I have a mix of customers with and without it.

I can't for the life of me comprehend why so many "Intune" items were put under a "Defender for Cloud Apps" requirement since in theory you could have Defender for Cloud Apps WITHOUT an active Intune license and/or using/enrolling any devices in intune.

Furthermore, from my testing these items are completely broken at the moment. Their "Implementation" information is laughable and getting credit for them is incredibly inconsistent. At the moment I am recommending to my team we mark all of them as "Alternate Mitigation" and move on with our lives.

It's an embarrassment that this half-baked update was pushed to production. Microsoft should pull this back and fix all of these.

View solution in original post

1 Like
Reply