The future of security baseline management has arrived: Download the Security Compliance Manager!

The Security Compliance Manager is now available for download! Windows 7 security just got easier. The tool includes support for this and other Microsoft operating systems and applications.

Many thanks to those of you who participated in the beta review program, and thanks to those who helped us spread the word about this new tool.

Download the Security Compliance Manager.

Learn more about the Security Compliance Manager.

The release of this tool represents the result of hard work and collaboration with IT pros, government agencies, and Microsoft security experts around the globe. We’re excited to provide you and your organization with a tool to better balance your needs for security and functionality, and help you to efficiently manage the security and compliance process.

SCM Hardening Process

The Security Compliance Manager will help you accelerate knowledge to merge best practices, customize once to centralize decision making, and export to multiple formats to enable monitoring, verification, and compliance. The tool is designed to accelerate your organization’s ability to efficiently manage the security and compliance process for the most widely used Microsoft technologies.

We hope you’ll take the time to download the Security Compliance Manager. We’re excited about this new release, and once you’ve tried it, we’d love to hear from you!

Share your favorite feature. Let us know if you used the tool to secure Windows 7, Internet Explorer 8, or another OS or application. Enjoy!


Vlad Pigin  - vlpigin @ microsoft dot com  

Solution Accelerators   Microsoft Corporation

Comments (19)
  1. I downloaded the tool and it looks GREAT!  I am eager to get rolling with it.

    It appears that Step 1 will be to take one of the MSFT baselines and edit it to match what we currently have defined as our security standard?  

    Is there a way to use an existing GPO/GPOReport/GPResult/GPModeling/DCM/etc of our existing standards and derive a baseline based on those thousands of settings rather than having to go through and hand-edit an existing MSFT baseline?  

    It would seem the opportunity for human error is very high in hand-editing an existing baseline vs importing one which is created from an actual GPOExport/Report/model/etc



  2. David Lusty says:

    Does this mean that the individual kits are no longer available? Although I'm sure this is a good product i'm not sure I like having to set up a SQL express instance and application just to create a policy that I used to simply import from an inf file. Is it possible to make both available, or if they are both available tell us where you hid the zips!



  3. tony says:


    Where do we go in technet to log/report/inquire about errors/bugs in the Security Compliance Manager?

  4. Vlad Pigin says:

    Hine thank you for your feedback. Unfortunately we do not currently have the feature to take your existing GPO/DCM and compare it to Microsoft recommended baselines. However this is the #1 requested feature and is on our roadmap to implement. It will be delivered in the next version of the tool.

  5. heu says:

    Is there any way to get it to work with a proxy?

  6. susan Winn says:

    error message, would not download !  What can be done?

  7. susan Winn says:

    error message, would not download !  What can be done?

  8. SecPro says:

    I'm so excited by the tool, but the "quick start video" link goes nowhere. Withoutmeaning tobe rude, the current videos are not helpful, and what I am really looking for is a quick overview screencast of common scenarios that one might use the tool for.

    Where are the demos? Where is the end to end information? Talking heads describing favorite features are nice, but do not achieve my security objectives.

    I hope you are able to share your expertise through more meaningful video demonstrations soon.

  9. Michelle says:

    I downloaded it and during the installation wizard a message said operating system not supported and I am using Windows 7.  

  10. Joe says:

    Please publish links to Documentation and How-Tos.  Please update Technet with a QucikStart Guide to help us get our feet wet.


  11. S.Rama says:

    I am also giving correct answers giving to your questions. Please send me files.

  12. Dennis West says:

    I agree with hilde that his idea needs to work in this tool. At this time I can not even find a way to add more setting to a baseline that does not exist in it currently. No Folder settings, no registry settings, and I can not even point the windows update to my WSUS server, the baselines included are all stripped down and pretty useless in a Closed area.

  13. Dennis West says:

    I mispoke, the Windows update portion does allow to point to internal WSUS server, but there needs to be a way to have every option available in Group Policy, like folder settings, registry setting (permissions) etc…. The ability to export a current GPO and import into this tool wold help. Govt programs need to follow rules from the ODAA guidelines, or from the NIST documents and not all the settings are available in this, that I feel need to be.

  14. Paranoid says:

    Hello respected people! I'm not a computer guy. I'm using Windows 7 x64 + Comodo Firewall with Widnows Firewall services off. Now, can I use Security Compliance Manager in my settings, computer. Or are there any other best practical ways. I really need some tech guys help. I am getting lots of problem. Some guys makes my router off, some guys makes my settings go off etc. Thanks. Have a wonderful time. Bye.

  15. Hidden says:

    Is there a way to compare a basline with the really applied polcies (e.g. with a gpresult file), other than by hand? This would speed up our compliance check like hell!

    Or is there an other way, to verify, that e.g. the EC-Basline has been corretly applied to a computer/user?

    Many thanks, Hidden

  16. Vlad Pigin says:

    I completely agree with you and currently team is actively working on planning and executing GPO import feature for the Security Compliance Manager. This is a priority feature for us today.

  17. Steve B says:

    Vlad any news on that GPO import feature?

  18. Jason F says:

    Any update on getting the a GPO import feature added to SCM?  This would be extremely beneficial to have.


Comments are closed.

Skip to main content