Windows Security Checks
10 checks Pareto Security runs on Windows
Each check covers a common security misconfiguration on Windows, with links to step-by-step fixes.
Access Security
| Check | Description | Required in frameworks |
|---|---|---|
| Password after sleep or screensaver is on | Waking from sleep or the screensaver requires the account password, not just any keypress. | CIS ISO NIST CSF SOC |
| Password manager is installed | A password manager helps you generate, store, and use a unique strong password for every account. | NIST CSF Essentials SOC |
| Screen Saver shows after 20 min | The screen locks automatically after a period of inactivity to prevent unauthorized access when you're away. | CIS ISO NIST CSF SOC |
Application Updates
| Check | Description | Required in frameworks |
|---|---|---|
| Automatic Updates are enabled | Windows Update keeps the OS, drivers, malware definitions, and Microsoft apps current. | CIS ISO NIST CSF SOC |
| Package managers delay new releases | Developer package managers wait at least 7 days before installing newly published packages, giving registries time to detect compromised releases. | SOC |
| Pareto Security is up-to-date | You're running the most recent version of Pareto Security so it ships the latest checks. | |
Firewall & Sharing
| Check | Description | Required in frameworks |
|---|---|---|
| Firewall is on | Windows Defender Firewall blocks contact from other computers on the Internet or on your network. | CIS ISO NIST CSF SOC |
| Remote Login is off | Remote Desktop (RDP) lets other devices control your computer and should be off unless actively needed. | CIS Essentials |
System Integrity
| Check | Description | Required in frameworks |
|---|---|---|
| Antivirus is installed | Antivirus software protects Windows from viruses, malware, and other threats in real time. | CIS ISO NIST CSF SOC |
| Disk encryption is enabled | BitLocker encrypts the entire drive so your files stay protected if the device is lost or stolen. | CIS ISO NIST CSF SOC |