Forum Discussion
Huaye
Microsoft
Apr 10, 2025
Can I use Microsoft Defender for Endpoint for CIS benchmark assessment
Hi Team,
I have a customer who wants to do a CIS benchmark assessment (CIS Microsoft Windows Server Benchmarks) for on-prem Windows 2022 servers. Can we use Microsoft Defender for Endpoint to do it? What's the prerequisite? E5 and Arc onboarding?
Thank you.
Regards,
Huaye
6 Replies
- mayaava (Copper Contributor)
Yes, you can use Microsoft Defender for Endpoint as part of a broader CIS benchmark assessment, but it’s important to note that it's not a dedicated CIS benchmarking tool on its own. It can help identify misconfigurations, compliance gaps, and security recommendations that align with CIS controls—especially through Secure Score and threat analytics. For a full CIS benchmark assessment, though, you might want to integrate it with tools like Microsoft Defender for Cloud or third-party solutions that are specifically designed for CIS compliance.
- cyb3rmik3 (Iron Contributor)
Hi Huaye,
CIS benchmark assessment is available through Microsoft Defender Vulnerability Management (MDVM). You may check the licensing requirements here. Basically, the safest way is to onboard servers on Arc and enable Microsoft Defender for Cloud P2. But it can be offered as an add-on with Microsoft Defender for Endpoint P2 licensing.
The functionality you are looking for is Baseline assessments; you can find details here.
If I have answered your question, please mark your post as Solved
If you like my response, please consider giving it a like
- Huaye
Microsoft
Hi cyb3rmik3, thank you very much for your response. However, one thing I'm not sure about is: if we onboard the servers to Azure Arc, then enable Microsoft Defender for Cloud P2, in the Defender for Cloud portal security policies, I can't see any CIS standard related to Windows 2022 server. Does this mean the only option is to purchase Defender for Endpoint P2 and then the MDVM add-on license? Thank you.
- cyb3rmik3 (Iron Contributor)
Hello Huaye,
If your servers are already on Azure Arc with MDC P2 enabled, go through the Unified Security Operations portal: Endpoints > Vulnerability management > Baseline assessments > Profiles, and here click Create.
Here, you can choose the CIS version required.
And following that, you can choose specific configurations and also specific device groups per tag.
Let me know if this helped.
If I have answered your question, please mark your post as Solved
If you like my response, please consider giving it a like