Microsoft Security Exposure Management offers a focused, metric-driven way of tracking exposure in specific security areas using security initiatives. This article describes how to work with initiatives.
From the Exposure management section on the navigation bar, select Exposure insights -> Initiatives to open the initiatives page.
At the top of the initiatives page, review the highlighted key initiatives by scrolling and drilling down per your needs.
To set an initiative to appear in the top initiative bar in the dashboard or on the initiatives page, select the star icon in the initiatives window or Mark as favorite in the individual initiative.
You can review the following information for all initiatives:
14 day change trend graph highlighting how the initiative score changes over the past 14 days
Initiative name
Favorite indicator (toggle on/off) to display in the key initiatives banner
Current score of the initiative
Programs or workloads contributing to or required by this initiative
Select an initiative to open the small overview and then select Open initiative page to review or remediate issues. The initiative page includes additional information including:
Your target score for the initiative
A means to set a custom target score appropriate to your organization's needs
Description
Associated security recommendations
All metrics related to the initiative, if applicable.
A metric trends graph and drift change, if applicable.
History of score changes
Related threats
Set target score
To customize your initiative's target score, select Initiatives.
Select the individual initiative and then Set target score to open the set initiative target score window.
Set a new target score percentage and select Apply.
Check trends
The changes in your score provide you with useful feedback about how well you're meeting the goals of your initiatives.
From your initiative page, check the overall 14 day change trend graph and 14 day drift change to track the changes in your initiative score, visually and as a percentage.
For initiatives with metrics, you can examine this data per metric as well.
Check history
Select an initiative to open the small overview and then select Open initiative page-> History to view changes over time.
Browse to the time table to choose a specific time point to examine.
If needed, filter for specific time points.
Choose the time point and select to examine the percent effect on the initiative score and the reason for the change.
Select a metric to explore the change's effect further, if applicable.
Open the Changes to exposed assets dropdown to view up to the top 100 changed assets. The status will indicate whether the asset exposure has been added or removed.
Review metrics and recommendations
To review metrics associated with your initiative, select Exposure insights -> Initiatives-> Security metrics.
Sort by heading, as needed.
Select Exposure insights -> Initiatives-> Security recommendations to view recommendations related to your initiative.
You only see those recommendations that are currently applied to assets and active in Microsoft Secure Score or Microsoft Defender for Cloud.
Sort by heading or filter by state, source, impact, workload, or domain, as needed.
Select a recommendation, such as a not compliant one, and then select Manage to remediate the recommendation in the originating workload, such as Microsoft Defender Vulnerability Management.
This module examines how Microsoft Secure Score helps organizations understand what they've done to reduce the risk to their data and show them what they can do to further reduce that risk. MS-102