Details
Due to a recent update to the Microsoft Graph API, there has been a change to the way that Microsoft calculates Secure Score: control Score counts.
β
What exactly changed
βOld Way:
Count: Number of users NOT meeting the control score requirement
Total: The total number of users analyzed in the context of the control score
New Way:
Count: Refers to the total number of users meeting the control score requirement.
Total: Refers to the total number of users analyzed in the context of the control score.
To illustrate this better, let's consider an example:
If there are 7 users analyzed, and 3 of them are admins with MFA disabled (Count = 3, Total = 7), it indicates that there are 4 unprotected admins without MFA.
What this means to you:
Any metric queries containing control Score "count" values will need to be updated.
βLiongard Created Metrics:
We have already updated the following Liongard created metrics to align with the recent changes:
Office 365: Users with Risk Policy Disabled Count
Office 365: Users with Sign-In Risk Policy Disabled Count
Office 365: Non-Admin Users with MFA Disabled Count
Office 365: Admin Users with MFA Disabled Count
Action Needed for User Custom Metrics:
If you have any custom metrics based on control score counts, we kindly request you to head to the "Metrics" page in your Liongard instance to update your metric queries. This will ensure the accurate calculation of metrics and prevent any discrepancies.
If you have any questions or need further assistance, feel free to reach out to our support team.