What is the difference between CIS Level 1 and Level 2 profiles?

Level 1 is a corporate-ready baseline with minimal user impact, while Level 2 includes more restrictive settings intended for high-security environments handling sensitive data.

Can I use this for non-domain joined computers?

Yes, while it emphasizes GPO for enterprise deployment, the skill also provides guidance for using LGPO.exe on standalone systems.

Which Windows versions are supported by this skill?

This skill supports Windows 10/11 Enterprise and Windows Server 2019/2022 target endpoints.

How do I validate if the hardening was successful?

The skill includes workflows for running the CIS-CAT Pro or Lite Assessor to generate compliance reports and score your configuration against the benchmark.

Windows Endpoint Hardening with CIS Benchmarks

Name: Windows Endpoint Hardening with CIS Benchmarks
Author: micsapp

bymicsapp

0•

安全与测试

Hardens Windows endpoints using CIS Benchmark recommendations to reduce attack surfaces and ensure security compliance.

This skill provides a structured framework for securing Windows 10, 11, and Server 2019/2022 environments using industry-standard Center for Internet Security (CIS) Benchmarks. It guides users through selecting appropriate security profiles (Level 1 vs. Level 2), importing GPO baselines, configuring critical account and audit policies, and validating compliance using CIS-CAT. It is particularly useful for security engineers and system administrators who need to meet strict regulatory requirements like PCI DSS, HIPAA, or SOC 2 while establishing a robust defensive posture across enterprise endpoints.

主要功能

01Implementation of CIS Level 1 and Level 2 security profiles

02Validation procedures using CIS-CAT Pro and Lite assessors

030 GitHub stars

04GPO baseline management and Active Directory deployment workflows

05Standardized exception documentation and drift monitoring patterns

06Hardening of account policies, audit logs, and Windows Firewall

使用场景

01Establishing organization-wide security baselines via Group Policy

02Remediating compliance audit findings for regulatory standards

03Securing new Windows workstation and server deployments

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add micsapp/micstec-skills hardening-windows-endpoint-with-cis-benchmark

For use in Claude.ai and ChatGPT

主要功能

01Implementation of CIS Level 1 and Level 2 security profiles

02Validation procedures using CIS-CAT Pro and Lite assessors

030 GitHub stars

04GPO baseline management and Active Directory deployment workflows

05Standardized exception documentation and drift monitoring patterns

06Hardening of account policies, audit logs, and Windows Firewall

使用场景

01Establishing organization-wide security baselines via Group Policy

02Remediating compliance audit findings for regulatory standards

03Securing new Windows workstation and server deployments

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add micsapp/micstec-skills hardening-windows-endpoint-with-cis-benchmark

For use in Claude.ai and ChatGPT