Security teams are often overwhelmed by large numbers of security recommendations in Defender, many labeled as high or critical. The real challenge is not finding risks, but deciding which ones truly matter first. This session shows how a tier-based risk analysis model can bring clarity and focus to security prioritization.

We introduce a practical approach that combines security impact and real-world consequences into a custom risk score, which is then translated into clear priority tiers (Tier 0–3). These tiers make it easier to understand urgency, align actions across teams, and focus remediation efforts where they have the highest effect.

In this session, you will learn:

* Why traditional severity ratings fail to support effective prioritization
* How to calculate risk based on impact and consequence, not just likelihood
* How Tier 0–3 prioritization simplifies decision-making and remediation planning
* How tiering helps align security priorities with business-critical assets

By the end of the session, you will understand how tier-based risk analysis reduces noise, improves consistency, and enables security teams to act faster and more confidently on the recommendations that matter most.

Morten is a Microsoft Dual MVP (Security & Azure) and MCT, and holds 20+ active certifications. As a Cloud & Security Architect, he is very passionate about Azure Infrastructure, M365, Automation, Security, and Hybrid Cloud, and blogs about these topics on mortenknudsen.net. He loves to travel with his family and is a PADI Dive Master & PADI Master Scuba Diver.