Comments (4)
Hi,
This behavior is for free customers only. Paying customers will always have fresh data.
We've deployed a fix for this where all new registrations will have their activity status reset.
For existing free customers who are already registered, you can try setting the pricing tier to its existing state to reset activity status, or querying securityStatuses API
For example:
PUT https://management.azure.com/subscriptions/{subscriptionId}/providers/Microsoft.Security/pricings/{pricingName}?api-version=2023-01-01
{
"properties": {
"pricingTier": "Free"
}
}
from microsoft-defender-for-cloud.
@chshum Thanks for your reply. That is much appreciated!
Does: "We've deployed a fix for this where all new registrations will have their activity status reset." mean, that customers on the free tier will also get the basic securescores if we "reset" their pricing tier as described?
from microsoft-defender-for-cloud.
I have tested on several tenants, that logging on to the tenant and clicking the Microsoft Defender for Cloud is required before ascScore retrieval is triggered.
I think there is really simple but hard to notice explanation for this. Some action, e.g. opening Defender UI, triggers background processes.
E.g. Microsoft cloud security benchmark policy initiative is being assigned automatically on subscription when TBD is done on portal.
Exact action seen in the brand new subscription activity log:
- Windows Azure Security Resource Provider registers Microsoft.GuestConfiguration
- Windows Azure Security Resource Provider registers Microsoft.PolicyInsights
- Windows Azure Security Resource Provider creates policy inititative assignment:
"requestbody": "{\"id\":\"/subscriptions/x-x-x-x-x/providers/Microsoft.Authorization/policyAssignments/SecurityCenterBuiltIn\",\"name\":\"SecurityCenterBuiltIn\",\"type\":\"Microsoft.Authorization/policyAssignments\",\"sku\":{\"name\":\"A1\",\"tier\":\"Standard\"},\"properties\":{\"parameters\":\"******\",\"description\":\"This is the default set of policies monitored by Azure Security Center. It was automatically assigned as part of onboarding to Security Center. The default assignment contains only audit policies. For more information please visit https://aka.ms/ascpolicies\",\"displayName\":\"ASC Default (subscription: 731f3bda-584f-4578-a54e-addf20109a8e)\",\"scope\":\"/subscriptions/731f3bda-584f-4578-a54e-addf20109a8e\",\"policyDefinitionId\":\"/providers/Microsoft.Authorization/policySetDefinitions/1f3afdf9-d0c9-4c3d-847f-89da613e70a8\",\"metaData\":\"******\"}}"
Afaik Defender plans have really minimal effect on secure score if any.
Ps. Shame on MSFT not documenting this properly. Assignment of the policy initiative is part of the some landing zones: https://github.com/search?q=repo%3AAzure%2FALZ-Bicep%20%2F1f3afdf9-d0c9-4c3d-847f-89da613e70a8%2F&type=code
from microsoft-defender-for-cloud.
Closing as a solution was provided
from microsoft-defender-for-cloud.
Related Issues (20)
- Security Center REST API Endpoint missing
- Reproduce behaviour HOT 1
- Alternative HOT 1
- Permission and Variables HOT 1
- New-ASCVASolution.ps1 Rapid 7 Insight Agent BYOL deployment confusion HOT 2
- Defender for Cloud Environment settings, "Workload protections" views report incorrect resource coverage HOT 1
- this is the official domain for the website and email for teachers and students in the public sector of Kuwait ministry of education: moe.edu.kw
- https://learn.microsoft.com/ar-sa/users/12771345/
- D4Storage-PricingEstimation-Per-Storage.ps1 requires az.Storage HOT 1
- Instructions are outdated and should be updated
- Inconsistent CSV Export Log CSV HOT 1
- Support form link doesn't exist anymore
- Missing Images
- Line 47 provides error of "unexpected token" HOT 1
- Cannot Connect Subscription Based Sentinel Connector for MDC
- ARM Template Issue
- Subscription Not Found (HTTP - Get Azure VM) HOT 2
- ImageScanSummaryAssessmentGate.ps1 no longer finds assessments HOT 3
- CVE Dashboard- old version HOT 2
- Connection Error while accessing Microsoft Defender for Cloud HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from microsoft-defender-for-cloud.