Integration with DISA STIGs and benchmarks
SCCM should be able to leverage STIGs and benchmarks to automate the compliance. SCM appears to have ended support, although it can still be found. It was ok, but to use for SCCM required numerous steps and not all items would transfer.
Agree. Currently we have to use the SCAP extensions or Security Compliance Manager tool which are both cumbersome. And when you finally do get a benchmark into SCCM Compliance Items the names for each benchmark are not friendly which makes finding a single on to edit extremely hard.
Guido Theunissen commented
This would be great as it would generate a baseline for all DISA STIG compliance settings per OS, other management platforms are offering this feature to monitor and enforce compliance settings.