Somehow it would also be helpful to rebrand "Windows machines should meet requirements of the Azure compute security baseline" to something that holds the name "cis" in it, or another reference to which CIS compute benchmark is actually being applied.
Not doing that makes it a bit of guesswork which CIS compute items ended up in the benchmark. Or, as Roger Carlsson did, one would need to do that analysis oneself to see what the actual difference is.
In an enterprise landscape 'one' wants to hear that the VM is compliant against the CIS compute benchmark rather than saying it's compliant on the security baseline benchmark.
Furthermore, it would be helpful to have configurable benchmark profiles so that differentiations can be made depending on the security requirements of a VM (to avoid breaking changes as a result of the benchmark).
Last question: is there a roadmap available somewhere for Automanage and its features?