What is MS doing in order to provide a security baseline witing the CB branch. currently we do not see a published security baseline untill CBB. with thsi it is hard to follow teh MS model pilot 4 months
The security teams are analyzing this now. They expect to publish new
baselines for Windows 10 1703 this summer, roughly around the time that
Windows 10 1703 is declared as "ready for broad deployment." There
aren't expected to be any major changes from the current security
baselines, so those are considered good for pilot deployments.
The strategy at my organization has been to validate the new OS build in the early branches.( Ring 1 ) encouraging the Bureaus we support to engage the ISV to validate support. Once we hit CBB and have a security baseline from Microsoft we need to then test again using the security baseline. (Ring 2) However, this puts us about 6 to 8 month past GA. This means that a dedicated resource now needs to be made for WaaS as by the time we have validated a build for CBB, we have a new CB build we need to validate.