diff --git a/windows/security/threat-protection/microsoft-defender-atp/configuration-score.md b/windows/security/threat-protection/microsoft-defender-atp/configuration-score.md index aebe65fb7b..06bd8455af 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configuration-score.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configuration-score.md @@ -25,7 +25,7 @@ ms.topic: conceptual >[!NOTE] > Secure score is now part of Threat & Vulnerability Management as Configuration score. -Your Configuration score is visible in the [Threat & Vulnerability Management dashboard](tvm-dashboard-insights.md) of the Microsoft Defender Security Center. It reflects the collective security configuration state of your machines across the following categories: +Your Configuration score is visible in the [Threat & Vulnerability Management dashboard](tvm-dashboard-insights.md) of the Microsoft Defender Security Center. A higher configuration score means your endpoints are more resilient from cybersecurity threat attacks. It reflects the collective security configuration state of your machines across the following categories: - Application - Operating system @@ -33,7 +33,7 @@ Your Configuration score is visible in the [Threat & Vulnerability Management da - Accounts - Security controls -A higher configuration score means your endpoints are more resilient from cybersecurity threat attacks. +Select a category to go to the [**Security recommendations**](tvm-security-recommendation.md) page and view the relevant recommendations. ## How it works @@ -43,35 +43,31 @@ A higher configuration score means your endpoints are more resilient from cybers The data in the configuration score card is the product of meticulous and ongoing vulnerability discovery process aggregated with configuration discovery assessments that continuously: - Compare collected configurations to the collected benchmarks to discover misconfigured assets -- Map configurations to vulnerabilities that can be remediated or partially remediated (risk reduction) by remediating the misconfiguration +- Map configurations to vulnerabilities that can be remediated or partially remediated (risk reduction) - Collect and maintain best practice configuration benchmarks (vendors, security feeds, internal research teams) - Collect and monitor changes of security control configuration state from all assets -From the widget, you'd be able to see which security aspect requires attention. You can click the configuration score categories and it will take you to the **Security recommendations** page to see more details and understand the context of the issue. From there, you can act on them based on security benchmarks. - ## Improve your security configuration -You can improve your security configuration when you remediate issues from the security recommendations list. As you do so, your configuration score improves, which means your organization becomes more resilient against cybersecurity threats and vulnerabilities. +You can improve your security configuration when you remediate issues from the security recommendations list. As you do so, your Configuration score improves, which means your organization becomes more resilient against cybersecurity threats and vulnerabilities. -1. From the Configuration score card in the [Threat & Vulnerability Management dashboard](tvm-dashboard-insights.md), select **Security controls**. The [**Security recommendations**](tvm-security-recommendation.md) page opens to shows the list of recommendations related to security controls. +1. From the Configuration score card in the Threat & Vulnerability Management dashboard, select the one of the categories to view the list of recommendations related to that category. It will take you to the [**Security recommendations**](tvm-security-recommendation.md) page. If you want to see all security recommendations, once you get to the Security recommendations page, clear the search field. 2. Select an item on the list. The flyout panel will open with details related to the recommendation. Select **Remediation options**. ![Security controls related security recommendations](images/tvm_security_controls.png) -3. Read the description to understand the context of the issue and what to do next. Select a due date, add notes, and select **Export all remediation activity data to CSV** so you can attach it to the email that you can send to your IT Administrator for follow-up. +3. Read the description to understand the context of the issue and what to do next. Select a due date, add notes, and select **Export all remediation activity data to CSV** so you can attach it to an email for follow-up. - >![Request remediation](images/tvm_request_remediation.png). - - You will see a confirmation message that the remediation task has been created. +4. **Submit request**. You will see a confirmation message that the remediation task has been created. >![Remediation task creation confirmation](images/tvm_remediation_task_created.png) -4. Save your CSV file. +5. Save your CSV file. ![Save csv file](images/tvm_save_csv_file.png) -5. Send a follow-up email to your IT Administrator and allow the time that you have allotted for the remediation to propagate in the system. +6. Send a follow-up email to your IT Administrator and allow the time that you have allotted for the remediation to propagate in the system. -6. Review the machine **Configuration score** card again on the dashboard. The number of security controls recommendations will decrease. When you select **Security controls** to go back to the **Security recommendations** page, the item that you have addressed will not be listed there anymore, and your configuration score should increase. +7. Review the **Configuration score** card again on the dashboard. The number of security controls recommendations will decrease. When you select **Security controls** to go back to the **Security recommendations** page, the item that you have addressed will not be listed there anymore, and your configuration score should increase. >[!IMPORTANT] >To boost your vulnerability assessment detection rates, download the following mandatory security updates and deploy them in your network: diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/tvm_request_remediation.png b/windows/security/threat-protection/microsoft-defender-atp/images/tvm_request_remediation.png deleted file mode 100644 index ec4fa8bc44..0000000000 Binary files a/windows/security/threat-protection/microsoft-defender-atp/images/tvm_request_remediation.png and /dev/null differ