Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community
Microsoft 365 Security Center reaches general availability
Published Mar 28 2019 08:45 AM 41.2K Views
Microsoft

Last year at Ignite 2018 we announced Microsoft Threat Protection and demonstrated it using the Microsoft 365 security center which provides security professionals with a fully integrated and specialized workspace that enables them to manage and take full advantage of Microsoft 365 intelligent security solutions. Today we’re excited to announce that the Microsoft 365 security center (https://security.microsoft.com) experience is now generally available and is providing customers with a world class platform and experience for securing the modern workplace across identity, devices, data, apps, and infrastructure.

 

What is the Microsoft 365 security center?

When we talk to customers about their requirements for security management, they generally ask for capabilities that provide:

 

  • Visibility into the organization’s security posture across their entire digital estate
  • Efficient management of the vast set of controls needed to secure their environment
  • Guidance that can help them achieve the maximum possible security posture

 

Today typical organizations attempt to address these requirements using a patchwork of dozens or more solutions coming from multiple vendors each of which provide varying user experiences, overlapping functionality, etc.

 

With Microsoft 365 security center we are addressing these challenges by providing our customers with a user experience that brings together many of our intelligent security solutions into a centralized location. The experience enables organizations to reduce security risks by providing them with the tools necessary to assess their current and historical security postures and determine the appropriate set of actions to mitigate future risks. These tools consist of rich dashboards, reports, and interactive experiences like Microsoft Secure Score, each of which are designed to provide security administrators with the tools they need to drive maximum security posture improvements. While the current release of the experience is primarily focused on satisfying the requirements of security administrators, it also provides integrated experiences for compliance data administrators and security operators (SecOps), with additional capabilities coming later this year.

 

A quick tour of Microsoft 365 security center

The Microsoft 365 security center isn’t just organized around the products that make up Microsoft Threat Protection. Instead, it renders them in a completely new way – one that’s focused on the entities that our customers need to secure across their entire digital estate. This means the experience is organized around the concepts of: Identity, Endpoints, User Data, Cloud App and Infrastructure, and not the underlying products that help secure them. This provides security administrators with end-to-end security insights, and management within a fully integrated Microsoft 365 security solution without needing to think about the specific boundaries between the products running behind the scenes.

 

Home page

By focusing the Microsoft 365 security center design around the entities our customers want to secure, we blur the lines between the underlying products as is evident on the Home page, where you can clearly see how we’ve abstracted away all product boundaries. On your Home page (i.e. Dashboard) you will find a selection of the top cards that can help security administrators quickly get visibility across the breadth of entities they need to secure, the issues they need to be aware of and inevitably what requires attention.

 

Blog 01 - Microsoft 365 Security Center Reaches General Availability - Final - Image 01.png

 

Security administrators will find the homepage a perfect place to start their day and for those that also manage compliance within their organization they’ll appreciate that we also offer a specialized compliance related workspace with Microsoft 365 compliance center which uses the exact same design patterns and concepts as Microsoft 365 security center.

 

Blog 01 - Microsoft 365 Security Center Reaches General Availability - Final - Image 02.png

 

This common design is also shared with the Microsoft 365 admin center which is the single place for admins to get started with Microsoft 365, discover the breadth of management capabilities, and the new experiences available to them.

 

Alerts page

While security administrators aren’t responsible for incident response, they’re often expected to know what types of alerts are currently active and have occurred in the past so they can better prepare for issues in the future. To do this they need centralized alert visibility across their entire Microsoft 365 security ecosystem, whether the alert is related to Office 365, Windows, Microsoft Cloud App Security, etc. The Alerts page shown below, as well as the cards and reports within the Monitoring & Reports page, do exactly this and will help them identify posture improvements that will help them better protected their organization in the future.

 

Blog 01 - Microsoft 365 Security Center Reaches General Availability - Final - Image 03.png

 

Monitoring & Reports page

The Home page is a great way to get access to the top cards and reports that will help security administrators conduct their day-to-day activities, but a more comprehensive set of reports can be found on the Monitoring & Reports page. Here you’ll find dozens of reports across Identity, Devices, Data, Apps and Infrastructure – now all available in a single location.

Each report is exposed by a card that provides security administrators with a top-level view. For example, the Devices with Active malware card provides the security administrator a quick way to quantify how many devices are currently impacted by malware.

 

Blog 01 - Microsoft 365 Security Center Reaches General Availability - Final - Image 04.png

 

From here the security administrator can drill into the report and access more details as shown in the image below. These reports can easily be filtered and grouped by a variety of specific data types.

 

Blog 01 - Microsoft 365 Security Center Reaches General Availability - Final - Image 05.png

 

The Monitoring & Reports space will also include advanced workflow experiences to help security administrators make what in the past were challenging decisions. The first workflow example we are shipping today is to help with the configuration of Attack surface reduction rules. With it security administrators can disable operating system and application functionality that are not being used for business purposes and would likely prove useful to attackers.

 

With this workflow the security administrator can quickly monitor and assess the impact of enabling various Attack surface reduction rules across all their users and devices. If they determine there is no impact, they can be confident in deploying the rules broadly across their organization. If they determine there is some level impact they can identify where and then just target the appropriate users and devices. With this workflow what was once quite challenging and required a do it yourself project, has now been made relatively easy.

 

Blog 01 - Microsoft 365 Security Center Reaches General Availability - Final - Image 06.png

 

Microsoft Secure Score

Microsoft Secure Score provides organizations with increased visibility and control over their security posture by discovering opportunities that will help them improve security across their organization. These opportunities are surfaced as recommendations that are coupled with the guidance and the workflows necessary to help security administrators implement each recommendation and best practice. The more improvements you make the bigger your score!

 

This experience previously shipped as a stand-alone console, but it’s now been integrated directly into the Microsoft 365 security center. As shown in the previous images, Microsoft Secure Score will have a dashboard card right on the Home page, and users can drill into the full-blown experience directly from there. Alternatively, they can select the Secure Score item from the navigation.

 

Blog 01 - Microsoft 365 Security Center Reaches General Availability - Final - Image 07.png

 

For those of you who are familiar with Microsoft Secure Score you’ll notice that we’ve reorganized the user experience. Based upon customer feedback, we moved from a product-based way of organizing scores (e.g. Windows, Office) to one that maps to the Microsoft Threat Protection entities. This means scores are now organized around the concepts of Identity, Devices, Data, Apps, and Infrastructure.

 

There is a long list of additional Microsoft Secure Score improvements that we could tell you about today, but we’ll leave those for a dedicated blog that is planned for the coming weeks. In the meantime, log into Microsoft 365 security center and check it out for yourself!

 

Permissions

Today we focused much of our discussion around the security administrator, as that’s the primary persona we focused on for this release, but there are more experiences available including those for Compliance Data Administrators and Security Operators. For Compliance Data Administrators we provide a rich experience for classifying data on the Classification page, and then for Security Operators we currently have the Alerts page which provides them with an integrated view of the alerts across each of the Microsoft 365 security solutions. To support the access control requirements for the many personas types that will be using Microsoft 365 security center we have included role-based access control (RBAC) capabilities that can be managed on the Permissions page.

 

Blog 01 - Microsoft 365 Security Center Reaches General Availability - Final - Image 08.png

Eligibility

To experience the new Microsoft 365 security center and Microsoft 365 compliance center, your organization must have a subscription to Microsoft 365 E3 or E5, or a Volume Licensing equivalent (which consists of Office 365 Enterprise E3 or E5, Enterprise Mobility + Security E3 or E5, and Windows 10 Enterprise E3/E5). Our plan is to expand access to additional subscriptions and licenses later in the year.

 

Wrapping it up

So, there you have it – a quick tour of our new Microsoft 365 security center experiences for the security administrator. We encourage eligible customers to start using it right away and for those that aren’t, we would love to see you trialing one or more of the products so you can begin evaluating it. You can learn more about the new Microsoft 365 security center in our technical supporting document.

21 Comments
Copper Contributor

Is there a timeline for when this will be available in Azure Government?

Iron Contributor

@Chris Hallum Is this available to Education customers as well? (Office 365 Education A5, EMS E5, Windows 10 A5)

I get the desire to generate some fuzz about the new portals, but lets be honest - those are nowhere near what a GA product should look like. Don't get me wrong, I like the new UI, in many ways it's much better than the SCC or individual portals we had previously. However, when the new portal is missing half the functionality of the SCC (not counting compliance related stuff) and the other portals. On top of that half of the "available" functionality simply links to the SCC or another portal, so in effect this is a little more than a MVP product. So I disagree that it's a "world class platform and experience for securing the modern workplace across identity, devices, data, apps, and infrastructure". I know, I know, you'll get there eventually.

 

On the other hand, now that it's GA and officially supported, I can start slamming you with all those "missing feature" requests :p

Silver Contributor

What happened to the Audit Log search functionality that was in the original Security and Compliance Center? I don't see it in the new Compliance Center or in the new Security Center.

Microsoft

@Ryan Morash, at this time the Microsoft 365 security center is not available for Education related licenses however there is plan to get there at the earliest opportunity. I don't have a ETA I can share at the moment but I can assure you it's one of our next stops as we roll this out to a broader set of customer types. 

 

Thanks,

Chris Hallum

Microsoft

Hi @Vasil Michev, I'm looking forward to any feedback you have on how we can improve the security ceneter experience. Feel free to "slam" me with as much feedback as you like!:)

 

Thanks,

Chris Hallum

So far the only complaints I have are around missing functionality, thus my comment about the "GA" status. Otherwise the interface is much better compared to the SCC, which of course is a bit subjective. One thing I would like to see is a page with a changelog, similar to what the O/M365 folks are doing for the new admin portal here: https://docs.microsoft.com/en-us/office365/admin/whats-new-in-preview?view=o365-worldwide

 

Oh, and can you please fix the lowercase "security" label on the top left, it's bugging me a lot more than it should :)

 

BTW, the direct links for the two new portals now seem to work for tenants with "only" Office 365 subscriptions.

 

The Audit Log Search functionality needs to be way more visible in the Security centre. At the moment the link to the old protection portal is buried and that's the only way to search the Audit log if you don't have Log Analytics or Azure Sentinel. Especially as all of the Audit Log search articles on the Docs.Microsoft.com site point to the old Security and Compliance combined centre.

 

Audit Log Search is one of the first places admins go when there's been issues or changes, so it needs to be easily accessible.

Copper Contributor

I'm no longer able to access the portal, I'm getting redirected to the older protection.microsoft.com portal.  What am I missing here?

Silver Contributor

One of my customers tenants no longer has the separate centers, the navigation is back to showing a link to the old SCC. Why did this change?

Hi @Dean Gross, for more information see the section in this blog above around eligibility. Today in order to experience the new Microsoft 365 security center and Microsoft 365 compliance center, your customer must have a subscription to Microsoft 365 E3 or E5, or a Volume Licensing equivalent. We have plans to expand access to additional subscriptions and licenses later in the year.

Iron Contributor

Is there any update on availability for Education tenants?

Silver Contributor

It has been several months since the Security Center was released to GA and the Attack Simulator is still not available in the Security Center, When will the new centers be complete? having 3 instead of 1 is very confusing. 

Copper Contributor

@Chris HallumSecurity re-directs to protection portal, I have an active Enterprise Mobility + Security E3 sub.... no dice. Am I missing something or are the portals being merged/changed?

Steel Contributor

I'm in an E3 tenant (non-Gov & Non-Edu) and have never seen the Security Center or indeed the split of Security & Compliance

Copper Contributor

Still getting issues accessing this page - when I attempt to access security.microsoft.com or compliance.microsoft.con, I get redirected to protection.office.com. This happens without any error or warning and is extremely frustrating.

 

As a M365 E5 customer we should have access to all this functionality - we are keen to begin testing the new MTP service

Silver Contributor

@GRoberts try clearing the browser cache, if that does not work, open a support ticket

Brass Contributor

Any update on edu tenants @Chris Hallum ?

We have A5 Academic licensing, so we have two-thirds of the license types required for this (EMS E5, and Win10 E5, but have Office 365 A5 instead of E5). Frustrating A5 doesn't qualify us for this.

 

 

Steel Contributor

So revisited this post since it's been more than a year since GA. Looking at the portal for a customer with M365 E3 license (which most of my customers are) I'm amazed how many cards showing Data isn't available right now or simply empty since we can't deploy some functionality like Microsoft Defender ATP and Cloud App Security. 

 

If I sum up what value the https://security.microsoft.com portal adds to an M365 E3 customer it's:

The rest, not so much...

 

So basically, the amazing Microsoft 365 Security portal is Secure score and one report showing how many % of compliant devices we have? Is it really that bad? Has the Microsoft 365 E3 Security portal not evolved more for the past year?

 

@Vasil Michev , you were quite critical a year ago - what's your comment? 

 

@Chris Hallum Comment? Maybe the thought behind this portal is not to add much value for E3 customers but rather just E5 customers?

Every time I bother to open the portal I'm amazed to find how little it has changed... let's leave it at that.

Silver Contributor

@Jonas Back while it is true the Security Portal improvements seem to have stalled, the Compliance Portal has received a lot of attention.

Version history
Last update:
‎Nov 02 2021 04:33 PM
Updated by: