Skip to content

Latest commit

 

History

History
55 lines (39 loc) · 2.84 KB

security-recommendations.md

File metadata and controls

55 lines (39 loc) · 2.84 KB
Raw
title description ms.author author manager ms.topic ms.service ms.date
Review security recommendations in Microsoft Security Exposure Management
Learn how to review security recommendations in Microsoft Security Exposure Management.
dlanger
dlanger
rayne-wiselman
overview
exposure-management
11/04/2024

Review security recommendations

This article describes how to work with security recommendations in Microsoft Security Exposure Management.

Prerequisites

Review recommendations

  1. In the Microsoft Defender portal, select Exposure management > Exposure insights > Recommendations to open the Recommendations page.

    :::image type="content" source="./media/recommendations-navigation.png" alt-text="Screenshot of the recommendations window." lightbox="./media/recommendations-navigation.png":::

  2. Sort the recommendations by any of the headings or filter them based on your task needs. Sorting includes all of the headers:

    • Name - Name.
    • Compliance state - Compliant or not compliant.
    • Impact - High, low, or medium impact.
    • Last calculated - Last time the recommendation was calculated.
    • Last state change - Last time the recommendation state changed.
    • Related initiatives - The number of related initiatives.
    • Related metrics - The number of related metrics.
    • Source - The assessment standard source.
    • Workload - Which workload the recommendations relate to.
    • Domain - Device, apps, data, or identity.

  3. Filter recommendations by state, source, impact, workload, and domain.

  4. Select a recommendation to view and review details.

You can also review recommendations on the Recommendations tab in a specific security initiative page in Initiatives to access Microsoft Exposure Recommendations in the Microsoft Defender portal.

Remediate recommendations

  1. To remediate a recommendation, select a specific recommendation and browse to the Remediation steps tab.

  2. Review the remediation steps and select Manage to follow the steps in the originating workload, such as Microsoft Defender for Cloud or Microsoft Defender Vulnerability Management.

Next steps