Windows 10: Microsoft Security Compliance Toolkit for windows Server 2016

MuradMomani12 · Jun 28, 2020

Hi,

I'm trying to make my winServer2016 compliance with the CIS benchmark https://www.cisecurity.org/cis-benchmarks/, I have installed Microsoft Security Compliance Toolkit for Windows Server 2016 and run the Script in this path.....\Windows-10-RS1-and-Server-2016-Security-Baseline\Local_Script\Member_Server_Install.cmd, which will get group Policy configuration template from theGPOs Folder in the same path and apply it to the local policy as a member server.

After that what I'm expecting is to have all the points of CIS Benchmark being configured on the server as Microsoft claims herehttps://docs.microsoft.com/en-us/microsoft-365/compliance/offering-cis-benchmark?view=o365-worldwide that theMicrosoft Security Compliance Toolkit is covering CIS Benchmark. for checking what points of CIS Benchmark V1.1.0 have been pointed or not, I used an auditing framework called Inspecthttps://www.inspec.io/docs/reference/install/ which will do automated audit check on my windows server. Inspec needs Control auditing files to check against and validated the implemented points from those are not. for that, you can clone the following repository https://github.com/dev-sec/windows-baseline and use it with Inspec to make the auditing processCISv1.1.0 same as one used by Security Compliance Toolkit for Windows Server 2016, and the command can be run as follows :

inspec exec Path\To\Windows\Base\Line\Auditing\repo
It will show you Results as follows :

as seen the audit shows only 194 successful controls while there are 149 failures!

I tried to figure what is the problem and why the Security Compliance Toolkit did not apply all Secure configurations, noting that the logs of the Security Compliance toolkit did not show any error !!

so what is behind this, and how to make sure that the Security Compliance Toolkit works as expected with configuring most of the failed points from the audit output?

:)

Brink · Jun 28, 2020

Introducing new Microsoft 365 security center and compliance center

In the past few years, we have been heavily investing in the security and compliance areas to help organizations safeguard their digital estate and achieve compliance. According to recent customer research, we heard that while security and compliance are both top of mind areas in data protection, most organizations have different teams working in these two spaces. To empower your security and compliance professionals to work more efficiently in dedicated platforms, we are excited to announce the availability of Microsoft 365 security center (security.microsoft.com) and Microsoft 365 compliance center (compliance.microsoft.com).

The new specialized workspaces enable your security and compliance teams to have centralized management across your Microsoft 365 services, bringing together Office 365, Windows 10, and Enterprise Mobility + Security (EMS), with several Azure capabilities.

In both specialized centers, you can easily find actionable insights, alerts, and scores to help you understand your security and compliance risks and leverage artificial intelligence to strengthen your security and compliance posture. You can find more details about each center in the following paragraphs.

Microsoft 365 security center

The new Microsoft 365 security center provides security administrators and other risk management professionals with a centralized hub and specialized workspace that enables them to manage and take full advantage of Microsoft 365 intelligent security solutions for identity and access management, threat protection, information protection, and security management. With it they’ll gain the visibility, control, and guidance necessary to understand and act on the threats that their organization is facing today, have faced in the past, and may face in the future.

This new workspace is organized around the products that make up Microsoft Threat Protection by rendering them in a completely new way, one that’s focused on the entities that our customers must secure across their entire digital estate. We have consolidated the experience across Microsoft 365 products and designed around the concepts of Identity, Endpoints, User Data, Cloud App and Infrastructure, and not the underlying products that help secure them. This enables end-to-end security insights and management and paves the way for a comprehensive Microsoft 365 security solution.

In addition, the Microsoft 365 security center enables organizations to reduce security risks by providing them with the tools necessary to assess their current and historical security postures and to determine the appropriate set of actions to take to mitigate future risks. These tools consist of rich dashboards, reports, and interactive experiences like Microsoft Secure Score, each of which are designed to provide security administrators with the visibility, controls, and guidance they need to drive maximum security posture improvements. Microsoft 365 security center also provides experiences for security operators (SecOps) through the integration of incident response capabilities such as a centralized alerts view and hunting capabilities which can be used to perform ad-hoc investigations.

Microsoft 365 compliance center

The new Microsoft 365 compliance center is a specialized workspace for your compliance, privacy, and risk management professionals. In the new center, you can assess your compliance risks through Compliance Manager, protect and govern your data with sensitivity and retention labels, respond to regulatory requests like Data Subject Requests, and access to more other compliance and privacy solutions.

The new experience helps you reduce compliance risks and protect your digital estate more easily and effectively with three new insights:

With the Compliance Manager integration, Microsoft 365 compliance center provides you with visibility into your compliance posture against key regulations and standards like the GDPR, ISO 27001, NIST 800-53, and more on the homepage. You can then perform risk assessments and follow step-by-step guidance to enhance your compliance and privacy controls.

Additionally, to help you label data more accurately, the new Microsoft 365 Label Analytics preview can enable you to analyze and validate how sensitivity and retention labels are being used beyond your Office 365 workloads.

We also brought in the Microsoft Cloud App Security (MCAS) insights into Microsoft 365 compliance center to help you identify compliance risks across applications, discover shadow IT, and monitor employees’ non-compliant behaviors.

We will be gradually rolling out the new experience from the end of January, and the rollout will be completed worldwide by the end of March. Once this new experience is rolled out, you can access it by visiting security.microsoft.com or compliance.microsoft.com or from the Microsoft 365 admin center.

You can learn more about the new Microsoft 365 security center and Microsoft 365 compliance center in our technical supporting document.
Click to expand...

Source: Introducing the new Microsoft 365 security center and Microsoft 365 compliance center - Microsoft Tech Community - 326959

Brink · Jun 28, 2020

Introducing new Microsoft 365 security center and compliance center

In the past few years, we have been heavily investing in the security and compliance areas to help organizations safeguard their digital estate and achieve compliance. According to recent customer research, we heard that while security and compliance are both top of mind areas in data protection, most organizations have different teams working in these two spaces. To empower your security and compliance professionals to work more efficiently in dedicated platforms, we are excited to announce the availability of Microsoft 365 security center (security.microsoft.com) and Microsoft 365 compliance center (compliance.microsoft.com).

The new specialized workspaces enable your security and compliance teams to have centralized management across your Microsoft 365 services, bringing together Office 365, Windows 10, and Enterprise Mobility + Security (EMS), with several Azure capabilities.

In both specialized centers, you can easily find actionable insights, alerts, and scores to help you understand your security and compliance risks and leverage artificial intelligence to strengthen your security and compliance posture. You can find more details about each center in the following paragraphs.

Microsoft 365 security center

The new Microsoft 365 security center provides security administrators and other risk management professionals with a centralized hub and specialized workspace that enables them to manage and take full advantage of Microsoft 365 intelligent security solutions for identity and access management, threat protection, information protection, and security management. With it they’ll gain the visibility, control, and guidance necessary to understand and act on the threats that their organization is facing today, have faced in the past, and may face in the future.

This new workspace is organized around the products that make up Microsoft Threat Protection by rendering them in a completely new way, one that’s focused on the entities that our customers must secure across their entire digital estate. We have consolidated the experience across Microsoft 365 products and designed around the concepts of Identity, Endpoints, User Data, Cloud App and Infrastructure, and not the underlying products that help secure them. This enables end-to-end security insights and management and paves the way for a comprehensive Microsoft 365 security solution.

In addition, the Microsoft 365 security center enables organizations to reduce security risks by providing them with the tools necessary to assess their current and historical security postures and to determine the appropriate set of actions to take to mitigate future risks. These tools consist of rich dashboards, reports, and interactive experiences like Microsoft Secure Score, each of which are designed to provide security administrators with the visibility, controls, and guidance they need to drive maximum security posture improvements. Microsoft 365 security center also provides experiences for security operators (SecOps) through the integration of incident response capabilities such as a centralized alerts view and hunting capabilities which can be used to perform ad-hoc investigations.

Microsoft 365 compliance center

The new Microsoft 365 compliance center is a specialized workspace for your compliance, privacy, and risk management professionals. In the new center, you can assess your compliance risks through Compliance Manager, protect and govern your data with sensitivity and retention labels, respond to regulatory requests like Data Subject Requests, and access to more other compliance and privacy solutions.

The new experience helps you reduce compliance risks and protect your digital estate more easily and effectively with three new insights:

With the Compliance Manager integration, Microsoft 365 compliance center provides you with visibility into your compliance posture against key regulations and standards like the GDPR, ISO 27001, NIST 800-53, and more on the homepage. You can then perform risk assessments and follow step-by-step guidance to enhance your compliance and privacy controls.

Additionally, to help you label data more accurately, the new Microsoft 365 Label Analytics preview can enable you to analyze and validate how sensitivity and retention labels are being used beyond your Office 365 workloads.

We also brought in the Microsoft Cloud App Security (MCAS) insights into Microsoft 365 compliance center to help you identify compliance risks across applications, discover shadow IT, and monitor employees’ non-compliant behaviors.

We will be gradually rolling out the new experience from the end of January, and the rollout will be completed worldwide by the end of March. Once this new experience is rolled out, you can access it by visiting security.microsoft.com or compliance.microsoft.com or from the Microsoft 365 admin center.

You can learn more about the new Microsoft 365 security center and Microsoft 365 compliance center in our technical supporting document.
Click to expand...

Source: Introducing the new Microsoft 365 security center and Microsoft 365 compliance center - Microsoft Tech Community - 326959

Brink · Jun 28, 2020

Microsoft Security Bulletin Summary for November 8th 2016

Release Date: November 08, 2016

Today we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to apply security updates as soon as they are released.

More information about this month’s security updates and advisories can be found in the Security TechNet Library.

The November security release consists of security updates for the following software:

Internet Explorer

Microsoft Edge

Microsoft Windows

Microsoft Office and Microsoft Office Services and Web Apps

SQL Server

Adobe Flash Player

Please note the following information regarding the security updates:

Beginning with the October 2016 release, Microsoft is changing the update servicing model for Windows 7, Windows Server 2008 R2, Windows 8.1, Windows Server 2012, and Windows Server 2012 R2. For more information, please see this Microsoft Technet article, Further simplifying servicing models forWindows 7 and Windows 8.1.

Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog.

Vulnerabilities addressed in the November 2016 security release might also affect Windows Server 2016 Technical Preview 5. To be protected from these vulnerabilities, Microsoft recommends that customers running this operating system apply the current update, which is available from Windows Update.

Updates for Windows RT 8.1 and Microsoft Office RT software are only available via Windows Update.

In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features

Click to expand...

Source:

Microsoft Security Bulletin Summary for November 2016

November 2016 Security Updates

November 2016 security update release MSRC

Windows 10: Microsoft Security Compliance Toolkit for windows Server 2016

Microsoft Security Compliance Toolkit for windows Server 2016

Microsoft Security Compliance Toolkit for windows Server 2016

Microsoft Security Compliance Toolkit for windows Server 2016

Microsoft Security Compliance Toolkit for windows Server 2016 - Similar Threads - Microsoft Security Compliance

Windows Defender disabled features after installing the Security Compliance Toolkit and...

Windows Defender disabled features after installing the Security Compliance Toolkit and...

Windows Server 2016 Security Patch Failure

Windows Server 2016 Security Patch Failure

Application Development Servers Toolkit

Application Development Servers Toolkit

Microsoft Security Compliance Toolkit Security Baseline Challenge Question

Microsoft Security Compliance Toolkit Security Baseline Challenge Question

Port Security in Windows Server 2016