HotCakeX
commented
1 year ago To apply the hardening measures, the module uses Group Policies, as explained in the readme.
The Confirm-SystemCompliance uses system registry to audit the security measures applied by Group policies. More info
The best way to configure Windows is using Group Policies and only use direct registry editing or PowerShell cmdlets if no Group Policy is provided, that's exactly how Protect-WindowsSecurity operates.
I checked that script you mentioned, it uses PowerShell cmdlet to verify the ASR rules, which is okay too, but that doesn't mean this module has a bug.
The Confirm-SystemCompliance is built to check hardening measures applied by Protect-WindowsSecurity cmdlet.
So, for locally managed PCs, Group policy should be used. For cloud managed PCs, CSPs from Intune should be used. There are links to each of them on the readme.
For any other items, i need to know more details.
Tools category
Harden Windows Security Module
Does your system meet the requirements?
Is your Windows installation genuine?
Please explain the bug
Just started using this to check compliance. I had previously used: win10-asr-get.ps1 to check ASR policies. This test shows as passed for all 12.
However, with this compliance check, all of the ASR policies show False 1. Along with a lot of other things failing, other scripts show them as active.