You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: defender-vulnerability-management/tvm-security-baselines.md
+5-8Lines changed: 5 additions & 8 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -12,7 +12,7 @@ ms.collection:
12
12
- Tier1
13
13
ms.topic: conceptual
14
14
search.appverid: met150
15
-
ms.date: 04/24/2025
15
+
ms.date: 05/12/2025
16
16
---
17
17
18
18
# Security baselines assessment
@@ -33,14 +33,14 @@ A security baseline profile is a customized profile that you can create to asses
33
33
Security baselines provide support for Center for Internet Security (**CIS)** benchmarks for Windows 10, Windows 11, and Windows Server 2008 R2 and above, as well as Security Technical Implementation Guides (**STIG)** benchmarks for Windows 10 and Windows Server 2019.
34
34
35
35
> [!NOTE]
36
-
> The benchmarks currently only support Group Policy Object (GPO) configurations and not Microsoft Configuration Manager (Intune).
36
+
> - The benchmarks currently only support Group Policy Object (GPO) configurations and not Microsoft Configuration Manager (Intune).</br>
37
+
> - Security baseline assessment is not supported on non-English Windows system locale.</br>
38
+
> - Security baseline assessment is not supported when DFSS (Dynamic Fair Share Scheduling) is enabled on Windows Server 2012 R2.</br>
39
+
> - For security baseline assessment to be successful, **PowerShell Constrained Language Mode** must be set to **off** on your devices.
37
40
38
41
> [!TIP]
39
42
> Did you know you can try all the features in Microsoft Defender Vulnerability Management for free? Find out how to [sign up for a free trial](defender-vulnerability-management-trial.md).
40
43
41
-
> [!NOTE]
42
-
> Security baseline assessment is not supported when DFSS (Dynamic Fair Share Scheduling) is enabled on Windows Server 2012 R2.
43
-
44
44
## Get started with security baselines assessment
45
45
46
46
1. Go to **Vulnerability management** > **Baselines assessment** in the [Microsoft Defender portal](https://security.microsoft.com).
@@ -74,9 +74,6 @@ Useful icons to be aware of:
74
74
75
75
 - This configuration has been customized and is not using the default value.
76
76
77
-
> [!NOTE]
78
-
> For security baseline assessment to be successful, **PowerShell Constrained Language Mode** must be set to **off** on your devices.
79
-
80
77
## Security baselines assessment overview
81
78
82
79
On the security baselines assessment overview page you can view device compliance, profile compliance, top failing devices and top misconfigured devices.
0 commit comments