hardening-windows-endpoint-with-cis-benchmark
Installation
SKILL.md
Hardening Windows Endpoint with CIS Benchmark
When to Use
Use this skill when:
- Deploying new Windows 10/11 or Server 2019/2022 endpoints that require security hardening
- Establishing organization-wide security baselines using CIS Level 1 or Level 2 profiles
- Remediating findings from compliance audits (PCI DSS, HIPAA, SOC 2) that reference CIS benchmarks
- Validating existing endpoint configurations against current CIS benchmark versions
Do not use this skill for Linux endpoints (use hardening-linux-endpoint-with-cis-benchmark) or for cloud-native workloads that require CIS cloud benchmarks.
Prerequisites
- Windows 10/11 Enterprise or Windows Server 2019/2022 target endpoints
- Active Directory Group Policy Management Console (GPMC) for enterprise deployment
- CIS-CAT Pro Assessor or CIS-CAT Lite for automated benchmark assessment
- Administrative access to target endpoints or domain controller
- Current CIS Benchmark PDF for the target Windows version (download from cisecurity.org)