Windows Secure Baseline
github.com/nsacyber/Windows-Secure-Host-BaselineGroup Policy objects, compliance checks, and configuration tools that provide an automated and flexible approach for securely deploying and maintaining the latest releases of Windows 10.
Windows Secure Baseline Source Code
Author
Description
Configuration guidance for implementing the Windows 10 and Windows Server 2016 DoD Secure Host Baseline settings. #nsacyber
Homepage
License
NOASSERTION
Created
26 Feb 16
Last Updated
29 Nov 24
Primary Language
HTML
Size
3,752 KB
Stars
1,557
Forks
286
Watchers
1,557
Language Usage
Star History
Top Contributors
- @iadgovuser1 (348)
- @iadgovuser6 (73)
- @jhofferle (1)
- @Phil-Champ (1)
- @WesR (1)
- @philkloose (1)
Recent Commits
- iadgovuser1 (12 Sept 18)
fixes #63
- iadgovuser1 (10 Aug 18)
update main readme and documentation based on removed folders and renaming of repo
- iadgovuser1 (10 Aug 18)
update main readme based on removed folders
- iadgovuser1 (10 Aug 18)
Fixes #59
- iadgovuser1 (10 Aug 18)
fixes #58
- iadgovuser1 (10 Aug 18)
Remove unused Device Whitelisting folder. Fixes #55
- D76C6399A0F334216B3A58BE07C3C3137D5E14542BC13CA38EB0800D9FFC1FE6 (10 Aug 18)
Merge pull request #56 from jhofferle/master Added PassThru parameter to Test-Compliance
- Jason Hofferle (09 Aug 18)
Added PassThru parameter to Test-Compliance
- D76C6399A0F334216B3A58BE07C3C3137D5E14542BC13CA38EB0800D9FFC1FE6 (10 Jul 18)
update iadgov links
- D76C6399A0F334216B3A58BE07C3C3137D5E14542BC13CA38EB0800D9FFC1FE6 (10 Jul 18)
update iadgov links
- iadgovuser1 (13 Jun 18)
fixes #54
- iadgovuser1 (31 May 18)
fixes #52
- iadgovuser1 (31 May 18)
performing better filtering when they are multiple XML or XSL files in a STIG zip file
- D76C6399A0F334216B3A58BE07C3C3137D5E14542BC13CA38EB0800D9FFC1FE6 (03 Nov 17)
Merge pull request #44 from Phil-Champ/master Corrected "Disbale" throughout.
- Phil-Champ (03 Nov 17)
Corrected "Disbale" throughout.
- iadgovuser1 (19 Jul 17)
update various links
- D76C6399A0F334216B3A58BE07C3C3137D5E14542BC13CA38EB0800D9FFC1FE6 (21 Jun 17)
Merge pull request #35 from WesR/patch-1 Fixed two minor misspellings
- Wes Ring (21 Jun 17)
Fixed two minor misspellings
- iadgovuser1 (31 May 17)
fixes #34
- iadgovuser1 (24 May 17)
add reference to mattifestation Device Guard bypass prevention rules at github.com/mattifestation/DeviceGuardBypassMitigationRules
- iadgovuser1 (05 May 17)
Merge branch 'master' of https://github.com/iadgov/Secure-Host-Baseline
- iadgovuser1 (05 May 17)
fix links
- iadgovuser1 (03 May 17)
attempt a fix for #33
- iadgovuser1 (03 May 17)
resolve PSAnalyzer finding
- iadgovuser1 (28 Apr 17)
add recent NIAP evaluation links
- iadgovuser1 (28 Apr 17)
add new chrome and google update templates, update chrome readme, update compliance readme with Nessus references
- iadgovuser1 (20 Apr 17)
fixes #29
- iadgovuser1 (19 Apr 17)
fixes #31, didn't find any other instances
- iadgovuser1 (19 Apr 17)
fix one more link
- iadgovuser1 (19 Apr 17)
fixes #28
Windows Secure Baseline Website
Website
GitHub: Letβs build from here Β· GitHub
GitHub is where over 100 million developers shape the future of software, together. Contribute to the open source community, manage your Git repositories, review code like a pro, track bugs and features, power your CI/CD and DevOps workflows, and secure code before you commit it.
Redirects
Does not redirect
Security Checks
All 66 security checks passed
Server Details
- IP Address 140.82.112.4
- Hostname lb-140-82-112-4-iad.github.com
- Location San Francisco, California, United States of America, NA
- ISP GitHub Inc.
- ASN AS36459
Associated Countries
- US
Saftey Score
Website marked as safe
100%
Blacklist Check
github.com was found on 0 blacklists
- ThreatLog
- OpenPhish
- PhishTank
- Phishing.Database
- PhishStats
- URLhaus
- RPiList Not Serious
- AntiSocial Blacklist
- PhishFeed
- NABP Not Recommended Sites
- Spam404
- CRDF
- Artists Against 419
- CERT Polska
- PetScams
- Suspicious Hosting IP
- Phishunt
- CoinBlockerLists
- MetaMask EthPhishing
- EtherScamDB
- EtherAddressLookup
- ViriBack C2 Tracker
- Bambenek Consulting
- Badbitcoin
- SecureReload Phishing List
- Fake Website Buster
- TweetFeed
- CryptoScamDB
- StopGunScams
- ThreatFox
- PhishFort
Website Preview
Windows Secure Baseline Reviews
More Windows Defences
-
Capture and interprets network traffic based on a set of rules, and depending on the interactions certain assignments are blocked. Open source, written in Go and delivered as a single executable.
-
A utility that disables a number of risky Windows features. These "features" are exposed by the OS and primary consumer applications, and very commonly abused by attackers, to execute malicious code on a victim's computer. So this tool just reduces the attack surface by disabling the low-hanging fruit.
-
A portable app that lets you disable core Windows features (such as Cortana, Edge) and control which data is passed to Microsoft. (Note: Free, but not open source).
-
Portable app with a GUI, that makes it really easy to safely block key telemetry features, from sending data to Microsoft and other third parties (It uses the Windows API to interact with key features of Local Group Police, Services, Tasks Scheduler, etc).
-
Anti low-level keylogger: Provides full system-wide key press protection, and target window screenshot protection.
-
Provides protection against software keyloggers. Encrypts keypresses at driver level, and decrypts at application level, to protect against common keyloggers.
-
Portable virtual keyboard. Useful for protecting from keyloggers when using a public computer, as it can run of a USB with no administrative permissions.
-
Useful utility, that attempts to terminate known malware processes, so that your normal security software can then run and clean your computer of infections.
-
A utility for configuring encryption protocols, cyphers, hashing methods, and key exchanges for Windows components. Useful for sysadmins on Windows Server.
-
Internet traffic control and monitoring tool.
-
Scans for accessibility tools backdoors via RDP.
-
A CLI utility that shows file version number, timestamp information, and digital signature details.
-
Clears cache and deletes temporary files very effectively. This frees up disk space, improves performance, but most importantly helps to protect privacy.
-
Detects infected USB removable devices.
-
Rootkit detection and removal utility.
-
Blocks malicious background applications from taking screenshots.
-
Blocks unauthorized webcam access.
-
Open source GUI app built upon PowerShell, allowing you to perform a quick and easy privacy check, on Windows 10 systems.
-
Light-weight, portable app for controlling the many privacy-related settings within Windows 10- with the aim of helping to keep private data, private.
-
Good alternative to CCleaner, for deleting unnecessary data - logs, cache, history, etc.
About the Data: Windows Secure Baseline
API
You can access Windows Secure Baseline's data programmatically via our API.
Simply make a GET
request to:
https://api.awesome-privacy.xyz/operating-systems/windows-defences/windows-secure-baseline
The REST API is free, no-auth and CORS-enabled. To learn more, view the Swagger Docs or read the API Usage Guide.
About the Data
Beyond the user-submitted YAML you see above, we also augment each listing with additional data dynamically fetched from several sources. To learn more about where the rest of data included in this page comes from, and how it is computed, see the About the Data section of our About page.
Share Windows Secure Baseline
Help your friends compare Windows Defences, and pick privacy-respecting software and services.
Share Windows Secure Baseline and Awesome Privacy with your network!