With an increasing number of recommendations and many security vulnerabilities surfaced, it is harder to triage and prioritize your response. In addition to a growing amount of information, you have limited resources and time. Azure Secure score helps you prioritize and triage your response to security recommendations by assigning values to the recommendations that can most help improve your security posture.
Last month at Ignite, Microsoft announced that Secure score is a security analytics tool that provides visibility of your organization’s security posture and helps to answer the most important question, “how secure is my workload?” Secure score takes into consideration the severity and the impact of the recommendation. Based on that information, it assigns a numerical value to show how fixing this recommendation can improve your security posture.
When a recommendation is remediated, the recommendation score updates and the overall Secure score is also updated.
The main goals of Secure score are to provide these capabilities to your organization :
- Visualization of the security posture
- Fast triage and suggestions to provide meaningful action to increase your security posture
- Measurement of the workload security over time
Azure Security Center constantly reviews your active recommendations and calculates your secure score based on them. The score of a recommendation is derived from its severity and security best practices that will affect your workload security the most.
The Secure score is calculated based on the ratio between your healthy resources and your total resources. If the number of healthy resources is equal to the total number of resources, you get the highest Secure Score value possible for a recommendation, which can go up to 50. To try to get your Secure score closer to the maximum score, you can fix the unhealthy resources by following the remediation steps in the recommendation.
The overall Secure score is an accumulation of all your recommendations. You can view your overall Secure score across your subscriptions or management groups, depending on the scope you select. The score will vary based on subscription selected and the active recommendations on these subscriptions.
To learn more about Secure score and other Security Center capabilities, visit Microsoft’s documentation.
If you are an existing Security Center customer, Secure score is part of the Free tier of Security Center. If you are new to Security Center, you can get started with Security Center for free.