New hardening settings for baseline 7.0
The following new hardening settings have been released with Security Center baseline version 7.0:
- Enable Cross Scope Privilege Checks on Service Portal Form [New in Security Center 7.0]
- Validate query ACLs on Glide DB functions [New in Security Center 7.0]
- Use Document Classification to limit publicly accessible documents [New in Security Center 7.0]
- Restrict write access on system fields to admin users [New in Security Center 7.0]
- Require approval for agent-based Office 365 group membership changes [New in Security Center 7.0]
- Exclude Sensitive Tables and Fields from Data Generation [New in Security Center 7.0]
- Enforce Read Roles for Catalog Variable Search [New in Security Center 7.0]
- Enforce valid query string choice [New in Security Center 7.0]
- Restricted Binding functionality in case Bearer Authorization [New in Security Center 7.0]
- Disable resource owner password credentials (ROPC) in OAuth 2 token grants [New in Security Center 7.0]
- Enforce certificate trust [Updated in Security Center 1.3, removed in 2.0, added in 7.0]
- Prevent usage of 3DES keys [New in Security Center 7.0]
- Allow HTML Links to Trusted Domains in the Description Fields of the Impact Workspace Module [New in Security Center 7.0]
- Ensure Contextual Search Do Not Contain An Unvalidated Redirect [New in Security Center 7.0]
- Sanitize HTML in the Description Fields of the Impact Workspace Module [New in Security Center 7.0]