Summary

With the release of Windows 10 1703, Microsoft retired the Security Compliance Manager (SCM) tool, a good source of GPO baselines since 2010. It will be replaced by the new Security Compliance Toolkit (SCT), which can be found at https://www.microsoft.com/en-us/download/details.aspx?id=55319. Additional tools such as the Baseline Management module and the Desired State Configuration Environment Analyzer (DSCEA) tool have been released on GitHub to fill the gap between the old SCM and the new SCT. More details can be found in the following blog: https://blogs.technet.microsoft.com/secguide/2017/06/15/security-compliance-manager-scm-retired-new-tools-and-procedures/.

In this chapter, you learned about the new and improved security capabilities of Windows 10 and how they can protect you in the current cyber-security threat scenario. Raising the security level is an ongoing effort, and future releases of Windows 10 will bring additional security features soon. But even with all these security features, a breach can occur. So it is important to detect such a breach as soon as possible, find its point of origin, and take suitable countermeasures.

The new Windows Defender ATP post-breach security options, including memory injection protection and Windows Defender Security Center, can help you with this challenge and will be covered in the next chapter.