May 04 2017 09:26 AM
What is MS doing in order to provide a security baseline witing the CB branch. currently we do not see a published security baseline untill CBB. with thsi it is hard to follow teh MS model pilot 4 months
May 04 2017 09:34 AM
May 04 2017 09:49 AM
The strategy at my organization has been to validate the new OS build in the early branches.( Ring 1 ) encouraging the Bureaus we support to engage the ISV to validate support. Once we hit CBB and have a security baseline from Microsoft we need to then test again using the security baseline. (Ring 2) However, this puts us about 6 to 8 month past GA. This means that a dedicated resource now needs to be made for WaaS as by the time we have validated a build for CBB, we have a new CB build we need to validate.
May 04 2017 11:12 AM
Also, can you tell me if MS is working to align its security recomendations along with CIS Security baseline.