Microsoft Defender for Identity: New recommendations added to Microsoft Secure Score

Updated October 29, 2025: We have updated the timeline. Thank you for your patience.

Introduction:

We’re enhancing Microsoft Secure Score by introducing new improvement actions based on Microsoft Defender for Identity posture recommendations for PingOne. These updates provide a more accurate reflection of your organization’s identity security posture and help strengthen your overall security configuration.

When this will happen:

• Public Preview: Rollout begins in late November 2025 (previously late October) and completes by mid-December 2025 (previously mid-November).
• General Availability (Worldwide, GCC, GCC High, and DoD): Rollout begins in late January 2026 (previously late November 2025) and completes by late February 2026 (previously mid-December 2025).

How this affects your organization:

Who is affected: Tenants with a PingOne connector configured for Microsoft Defender for Identity.

What will happen:

New posture recommendations will appear in Microsoft Secure Score as improvement actions:

• Limit the number of PingOne accounts with organization admin role
• Assign multi-factor authentication for PingOne privileged user accounts:

  

• Change password for PingOne privileged user accounts
• Remove stale PingOne privileged accounts
• High number of PingOne accounts with a privileged role assigned

These recommendations are enabled by default and require no configuration changes.

What you can do to prepare:

• No admin action is required before or after rollout.
• Review your current identity configuration to assess potential impact.
• Notify relevant administrators and update internal documentation as needed.
• Regularly review Microsoft Secure Score to monitor and act on new improvement suggestions.

Compliance considerations:

No compliance considerations identified, review as appropriate for your organization.