Overview of Secure score in Azure Security Center

  1. Home
  2. Overview of Secure score in Azure Security Center

Go back to Tutorial

In this tutorial, we will get to understand about Secure score in Azure Security Center.

Azure Security Center has two main goals:

  • Firstly, to help you understand your current security situation
  • Secondly, to help you efficiently and effectively improve your security

However, Security Center continually assesses your resources, subscriptions, and organization for security issues. Then, it aggregates all the findings into a single score so that you can tell, at a glance, your current security situation. Further, to increase your security, review Security Center’s recommendations page for the outstanding actions necessary to raise your score. Each recommendation includes instructions to help you remediate the specific issue.

Recommendations are grouped into security controls. In which, each control is a logical group of related security recommendations and reflects your vulnerable attack surfaces. Your score only improves when you remediate all of the recommendations for a single resource within a control.

Calculations – understanding your score

Metric:
1. Security control’s current score
Equation for calculating a security control's score
Microsoft


Each individual security control contributes towards the Security Score. Moreover, each resource affected by a recommendation within the control contributes towards the control’s current score. The current score for each control is a measure of the status of the resources within the control.

In this example, the max score of 6 would be divided by 78 because that’s the sum of the healthy and unhealthy resources.
6 / 78 = 0.0769
Multiplying that by the number of healthy resources (4) results in the current score:
0.0769 * 4 = 0.31

Practice tests Secure score in Azure Security Center
2. Secure score Single subscription
Equation for calculating a subscription's secure score
Microsoft

In this example, there is a single subscription with all security controls available (a potential maximum score of 60 points). The score shows 28 points out of a possible 60 and the remaining 32 points are reflects in the “Potential score increase” figures of the security controls.

3. Secure score Multiple subscriptions
Equation for calculating the secure score for multiple subscriptions
Microsoft

When calculating the combined score for multiple subscriptions, Security Center includes a weight for each subscription. The relative weights for your subscriptions are determined by the Security Center based on factors such as the number of resources. However, the current score for each subscription calculates in the same way as for a single subscription, but then the weight applies.

Further, when viewing multiple subscriptions, secure score evaluates all resources within all enabled policies and groups their combined impact on each security control’s maximum score.

Improve your secure score

To improve your secure score, remediate security recommendations from your recommendations list. You can remediate each recommendation manually for each resource, or by using the Fix option (when available) to resolve an issue on multiple resources quickly. However, another way to improve your score and ensure your users don’t create resources that negatively impact your score is to configure the Enforce and Deny options on the relevant recommendations.

sc-900 online course

Reference: Microsoft Documentation

Go back to Tutorial

Menu