Welcome to WindowsHardening – your go-to repository for enhancing the security of Windows 10 and Windows 11 clients managed through Microsoft Intune.
This repository contains JSON files designed to enhance Windows 10 and Windows 11 security, based on the settings catalog in Intune. They follow the industry-recognized CIS Benchmarks for Windows hardening.
- JSON Hardening Files: Each file is an export from a settings catalog configuration, offering you a plug-and-play solution for immediately enhancing your system's security posture.
- Structured Settings: The hardening settings are split between user and computer settings, allowing for precise and targeted security measures.
- Wide Compatibility: Primarily designed for Windows 10 and Windows 11 Enterprise editions, these hardening files are also compatible and effective on other versions like Windows Pro.
- Download: Select and download the JSON files applicable to your system version (Windows 10 or Windows 11).
- Import to Intune: Easily import these files into your Microsoft Intune environment.
- Apply Settings: Deploy these settings across your Windows clients to enforce a robust security framework.
CIS Benchmarks are globally recognized as a gold standard for securing IT systems and data against cyber threats. By aligning the hardening files with these benchmarks, as much as possible, this provides you with a trustworthy and effective way to harden your Windows environments against vulnerabilities. The free available PDF files have been a source for building the settings catalog files.
Feel free to contribute, suggest improvements, or report issues. Your input is valuable in making "WindowsHardening" a robust and community-driven tool for Windows security.
Remember, security is an ongoing journey, not a destination. Keep your systems updated and regularly check back for the latest hardening files.
Before using the configurations in the "WindowsHardening" repository for Windows 10 or 11, please test them thoroughly in your environment. Adjustments may be needed to meet your organization's specific security and operational needs. Deployment in a production environment is at your own responsibility.
https://www.cisecurity.org/benchmark/microsoft_windows_desktop