Microsoft Entra Suite Tech Accelerator
Aug 14 2024, 07:00 AM - 09:30 AM (PDT)
Microsoft Tech Community

CIS benchmarks/compliance baselines

Copper Contributor



I am trying to locate CIS benchmarks/compliance baselines specifically targeting Windows 10. 


This documentation implies that these exist somewhere within the scope of the  Azure/Intune/Endpoint/Defender/Security portals:


"Security baselines provide support for Center for Internet Security (CIS) benchmarks for Windows 10, Windows 11, and Windows Server 2008 R2 and above, as well as Security Technical Implementation Guides (STIG) benchmarks for Windows 10 and Windows Server 2019"


However, I have been unable to locate these. 


The documentation says: "Go to Vulnerability management > Baselines assessment in the Microsoft 365 Defender portal". 

However, the menu item "Baselines assessment" does not show at all in my view of that portal using a GA login.


I have tried activating a trial which I thought may hold the answer, but this does not appear to have surfaced anything new:


We're a UK-based CSP customer, if that matters. 


I would be grateful for any advice as to where we can find these benchmarks and make use of them for our endpoint managed devices.  If these benchmarks represent a feature which is yet to be made generally available, any information as to timelines to a release would also be immensely useful.


Many thanks in advance,



1 Reply

@RobertEllisArb I believe the "Baselines assessment" feature in the Microsoft 365 Defender is only available for customers with an E5 or Microsoft Defender for Endpoint Plan 2 license. Do you have this plan?