Stigs / Compliance & Benchmarks

Microsoft Security Compliance Toolkit 1.0

The Microsoft Security Compliance Toolkit 1.0 is a set of tools provided by Microsoft to help IT administrators and security professionals configure, manage, and verify security settings in Windows operating systems and other Microsoft products, based on Microsoft’s recommended security baselines.

LogoSecurity Compliance Toolkit and BaselinesMicrosoft Download Center

CIS Benchmarks (Center for Internet Security)

  • What it is: Free, community-developed security configuration guidelines for systems like Windows, Linux, macOS, AWS, Azure, Docker, and more.

  • Format: PDF guides, scripts (PowerShell, Ansible, etc.), and automated tools.

  • Security levels: Typically split into Level 1 (basic security) and Level 2 (advanced/hardened).

  • Use case: System hardening and compliance checks.

LogoCIS Benchmarks™CIS

STIGs (Security Technical Implementation Guides – DISA/STIG)

  • What it is: Security configuration standards published by the U.S. Department of Defense (DoD).

  • Focus: Very strict hardening — commonly used in military and government environments.

  • Coverage: Operating systems, applications, databases, network devices, etc.

  • Tools: Often used with the SCAP Compliance Checker (SCC Tool) or OpenSCAP.

  • Format: XML, checklist, XCCDF, etc.

LogoSecurity Technical Implementation Guides (STIGs) – DoD Cyber Exchange

PreviousHardeningNextStuff

Last updated

Was this helpful?