Security Baselines

Security Baselines


CIS Microsoft Azure Foundations Benchmark V1.0.0 – Provides prescriptive guidance for establishing a secure baseline configuration for Microsoft Azure. The scope of this benchmark is to establish the foundation level of security for anyone adopting Microsoft Azure Cloud


Windows Security baselines – We recommend that you implement an industry-standard configuration that is broadly known and well-tested, such as Microsoft security baselines, as opposed to creating a baseline yourself. This helps increase flexibility and reduce costs

Security Compliance Toolkit (SCT) – includes tools to help admins manage their security baselines.

CIS Microsoft Benchmarks – CIS Benchmarks are the only consensus-based, best-practice security configuration guides both developed and accepted by government, business, industry, and academia.

STIGs – Security Technical Implementation Guide – The Security Technical Implementation Guides (STIGs) are the configuration standards for DOD IA and IA-enabled devices/systems. Since 1998, DISA has played a critical role enhancing the security posture of DoD’s security systems by providing the Security Technical Implementation Guides (STIGs). The STIGs contain technical guidance to “lock down” information systems/software that might otherwise be vulnerable to a malicious computer attack.

GCHQ Windows 10 Security Guidance – National Cyber Security Centre guidance has been updated to cover the 1803 “April 2018 Update” of Windows 10 Enterprise. It builds on the previous Windows 10 ALPHA Mobile Device Management (MDM) guidance.

AUSC Windows 10 Hardening Guide – Australian Cyber Security Centre guidance. This document provides guidance on hardening workstations using Enterprise and Education editions of Microsoft Windows 10, version 1709. Some Group Policy settings used in this document may not be available or compatible with Professional, Home or S editions of Microsoft Windows 10, version 1709.