A student today asked me a question that I did not have an answer to. This in itself is not unusual, we instructors are not infallible human Google’s, we do not possess the sum of all human knowledge ready to regurgitate into a word soup of semi-hallucinated bullet points.
Yet this question was different, this did not have an answer per se. Or at least in the sense that 2+2=4 or the sky is blue. We were examining the dizzy arrays of portals and features with the Microsoft Defender XDR suite and at how Microsoft have evolved these offerings over time. (Did you know there are 85 active Microsoft admin portals at the time of writing? You can see them all at msportals.io ).
I was asked simply “When will this be finalised?”, or in another sense “When will the changes stop and they will complete Defender XDR?”
There is not an answer for this, other than “Never”, these changes and evolutions of cloud products are not ever going to be complete, it is never going to be static. Years ago, I would install software in to my infrastructure and know it would still be the same software when I returned to it, days, weeks, months, or even years later. Now, I am not sure if I will ever find the same button I was using last week, or if something I was quite happily using in a workflow will be pulled from under me without warning.
This pace of change is exhausting, even for those of us who’s role it is within the IT sphere to be the explainers and simplifiers of complexity. For the average IT person, who has regular day to day tasks to perform, this rate of change and evolution of product offerings is simply impossible to stay up to date with.
From a security standpoint, knowledge is power, and if the bad guy has more knowledge than you, then you are fighting with one hand tied behind your back while the horse sized duck takes a swing at you.
So, is there a solution? Is that solution to prop up your eyelids with matchsticks like a Tom and Jerry cartoon and read those updates for hours every night? That would be quite impractical for any one person to do. We need help.
Good instruction is always going to be the core of staying up to date, what you can learn in a classroom or online with a qualified and talented instructor simplifying the complex, and illuminating the dark depths of documentation, is second to none. The money spent with qualified instruction will always return many times over to hours lost in self-study.
Yet, you don’t have an instructor over your shoulder all the time, especially when it comes to the security and secure design of your infrastructure. What you do have is a portal (or more accurately, many portals) that contains what I would consider the most important metric you can monitor in your environment. The secure score. 
So what does ChatGPT have to say about this if we are looking for a quick explanation?
Microsoft Secure Score is a dynamic tool within the Microsoft Defender suite that evaluates an organization’s security posture across Microsoft 365 and Azure. It assigns a quantified score based on the adoption of recommended security practices, providing actionable insights to strengthen defences against cyber threats.
Monitoring the Secure Score is crucial because it highlights vulnerabilities and recommends specific actions to mitigate them, enabling organizations to prioritize critical security tasks. Regular reviews help maintain strong security hygiene, reducing the risk of breaches and unauthorized access.
As the threat landscape evolves with new vulnerabilities and attack vectors, Microsoft updates its security recommendations within Secure Score to reflect the latest intelligence. Keeping an eye on the Secure Score ensures organizations stay informed about new security features and can adjust strategies accordingly, maintaining robust defenses against current threats.
Ok, enough of the word soup. Secure Score is probably the most important metric to examine because in simple terms. Number go up, we are doing good, number go down, we have work to do. What work? Well, it’s all right there in the list. Not only does Secure Score tell you what need fixing or modifying based on your current setup across the whole complex Defender XDR estate, but will actually point you to how to fix it!
Does this solve the problem of a firehose of overwhelming change? No. Yet nothing will, change is change, sometimes it is good, and sometimes you end up like Sweden switching from left to right driving on 3 September 1967, which from the perspective of a Brit is just bad move all round. The left is clearly the right side.
So keep studying, keep reading and keep on attending classes as often as the budget allows, and sometimes, look back to Microsoft for guidance on how to navigate the forests of complexity the modern cloud has given us.
Author of this article:
Michael Whitehouse
Follow his YouTube Channel for tips and tricks in the IT world: www.youtube.com/@mwcloud
Sources:
https://learn.microsoft.com/en-us/defender-xdr/microsoft-365-defender
https://msportals.io/
https://learn.microsoft.com/en-us/defender-xdr/microsoft-secure-score
