Apply Security base Line From Intune - Control whit Harden System Security

[njweball-sys]

Hello, I've been applying the two security baselines from Intune on my test machine:

• Security baseline for Windows 10 and later

• Microsoft Defender for Endpoint security baseline

• Microsoft Edge security baseline
  I discovered your tool thanks to Alex Field and I want to use it to check what's actually being applied on the PC. I'm surprised to see that with these three baselines, I only have the following applied:

• Security baseline for Windows 10 and later (the baseline contains approximately 350 parameters in my case)
  Verification completed: 78/421 policies are compliant

• Microsoft Defender for Endpoint security baseline
  Applied 10/ Not applied 73/ Undetermined 2

Are these points not addressed for Microsoft Edge?

I'm new to using the tool, so I've probably missed something? Thank you for your help and feedback. Have a great day.

[HotCakeX]

Hi,
The app currently has the following workflow:

• During application, only one method is used: Group Policy, Registry key, COM or Native API.
• During verification, all of the methods that are available/applicable for a security measure is used.

Intune only uses COM/registry keys and some other methods to apply the security measures. The app currently can detect a security measure is applied if Intune applied it via registry keys, and it can partially detect it if it was applied via COM. I need to work on COM detection and improve it, i'll add many more in the next update and continue improving it.

Thank you, you too!

[HotCakeX]

Hi @njweball-sys just released an update that improves Intune policies detection: https://github.com/HotCakeX/Harden-Windows-Security/releases/tag/HardenSystemSecurity-v1.0.27.0

You can also upload/deploy policies to your tenant right from the app. There will be even more features and improvements in the upcoming updates.

[njweball-sys]

Hello Violet, I will test this next week and you will give feedback. Thanks in advance ;-)