Review security recommendations
This article describes how to work with security recommendations in Microsoft Security Exposure Management.
Security Exposure Management is currently in public preview.
Important
Some information in this article relates to a prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, expressed or implied, with respect to the information provided here.
Prerequisites
- Learn about the recommendations catalog before you start.
- Review permissions and prerequisites needed for working with Security Exposure Management.
Review recommendations
In the Microsoft Defender portal, select Exposure management > Exposure insights > Recommendations to open the Recommendations page.
Sort the recommendations by any of the headings or filter them based on your task needs. Sorting includes all of the headers:
- Name - Name.
- Compliance state - Compliant or not compliant.
- Impact - High, low, or medium impact.
- Last calculated - Last time the recommendation was calculated.
- Last state change - Last time the recommendation state changed.
- Related initiatives - The number of related initiatives.
- Related metrics - The number of related metrics.
- Source - The assessment standard source.
- Workload - Which workload the recommendations relate to.
- Domain - Device, apps, data, or identity.
Filter recommendations by state, source, impact, workload, and domain.
Select a recommendation to view and review details.
You can also review recommendations on the Recommendations tab in a specific security initiative page in Initiatives to access Microsoft Exposure Recommendations in the Microsoft Defender portal.
Remediate recommendations
To remediate a recommendation, select a specific recommendation and browse to the Remediation steps tab.
Review the remediation steps and select Manage to follow the steps in the originating workload, such as Microsoft Defender for Cloud or Microsoft Defender Vulnerability Management.
Next steps
- Review other ways to improve security insights with exposure insights
- Learn how to Explore security events
- Investigate initiative metrics
Feedback
https://aka.ms/ContentUserFeedback.
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see:Submit and view feedback for