Table of Contents
Summary
- New Microsoft Secure Score recommendations for Microsoft Defender for Endpoint will be introduced to enhance security.
- Recommendations aim to block common attack techniques and improve endpoint protection.
- Public Preview will allow customers to view these new recommendations in Microsoft Secure Score.
- Admins and endpoint management teams should review and implement the recommendations to boost security.
- The change affects IT administrators with updates to UI and workflows related to Microsoft Defender for Endpoint and Secure Score.
Admin Impact: Medium
User Impact: Low
Release Start: 31 Dec 2025
Release End: 31 Dec 2025
Services: Defender XDR
Category: Stay informed
Tags: Feature Update, User Adoption, Admin Action
History
12/5/2025 Item Added to Message Center
Microsoft Message
We’re introducing new Microsoft Secure Score recommendations for Microsoft Defender for Endpoint (MDE) to help organizations strengthen their security posture. These recommendations are designed to proactively block common attack techniques and improve endpoint protection.
When this will happen
Public Preview: Rollout will begin at the end of December 2025 and is expected to complete by the end of December 2025.
How this affects your organization
Who is affected: Admins managing Microsoft Defender for Endpoint and Microsoft Secure Score.
What will happen
- Customers in Public Preview will see new recommendations in Microsoft Secure Score.
- One example recommendation is: Disable NTLM authentication for Windows workstations.
- Secure Score will update based on the implementation of these recommendations.
What you can do to prepare
- Review the new recommendations in Microsoft Secure Score once available.
- Complete the recommended actions to improve your organization’s security posture.
- Communicate these changes to your security and endpoint management teams.
Compliance considerations
No compliance considerations identified. Review as appropriate for your organization.