Windows Hardening#
The structured Windows-hardening references the operator hands to a blue team. Microsoft’s own Security Baselines (delivered via the Security Compliance Toolkit) carry the per-version GPOs; CIS and DISA STIGs cover the audit-grade checklists; community guides fill in the gaps the official baselines skip.
References#
Windows Defend for the runtime monitoring side.
Windows Registry for the registry locations audits and policies touch.