Releases: devnomadic/ACSC-WindowsHardening
Releases · devnomadic/ACSC-WindowsHardening
Release list
Release 1.0.0.0
ACSC Windows Hardening v1.0.0.0
📦 Packages
ACSCHighPriorityHardening
- File:
ACSCHighPriorityHardening-v1.0.0.0.zip - Size: 496.98 KB
- SHA256:
0D82E6A5A7DD0E062DDF32134F02FB6F7EB333BB60A5CFF2EC0EAA500FDB2CDA
ACSCMediumPriorityHardening
- File:
ACSCMediumPriorityHardening-v1.0.0.0.zip - Size: 495.99 KB
- SHA256:
1A1C9E301C6494FCCC1FB6887D9B9F1ED7F3B694367D267A21B75457AB99D57C
📋 Policy Definitions
This release includes the following Azure Policy definitions:
acsc-high-priority-policy.json- High Priority hardening controlsacsc-medium-priority-policy.json- Medium Priority hardening controls
🚀 Deployment
Quick Start
- Download the packages and policy files
- Upload packages to Azure Storage
- Deploy policies using Azure Portal or CLI
Azure CLI Deployment
# Set variables
$subscriptionId = "your-subscription-id"
$resourceGroup = "your-resource-group"
$storageAccount = "your-storage-account"
# Deploy using the provided script
./scripts/Deploy-ACSCToAzure.ps1 \`
-SubscriptionId $subscriptionId \`
-ResourceGroupName $resourceGroup \`
-StorageAccountName $storageAccount📚 Documentation
✅ What's Included
High Priority Controls
- Password policies (14 character minimum)
- Account lockout policies
- Audit policies
- User rights assignments
- UAC settings
- Attack Surface Reduction (ASR) rules
- Credential protection
- BitLocker configuration
- Windows Defender settings
- PowerShell security logging
Medium Priority Controls
- Extended password policies
- Screen saver/session locking
- RDP security hardening
- Network security settings
- Removable storage controls
- Firewall configuration
- Service hardening
🔧 Configuration Mode
Both configurations support ApplyAndAutoCorrect mode for automatic drift remediation:
- Checks compliance every 15 minutes
- Automatically corrects non-compliant settings
- Maintains security posture continuously
📝 Notes
- All Registry resources include
Force = $trueto handle existing values - Compatible with Windows Server 2016, 2019, 2022
- Requires Azure Machine Configuration extension
- Uses DirectResourceEngine for enhanced reliability
🐛 Known Issues
None reported for this release.
🤝 Contributing
See CONTRIBUTING.md for contribution guidelines.
Generated: 2025-12-13 15:47:47 UTC
Build: GitHub Actions