There are different security hardening recommendations across these three sources:

6.5 Update 1 Security Configuration Guide

6.7 Update 1 Security Configuration Guide

Compliance Kit for NIST 800-53

For example: the Compliance Kit for NIST 800-53 recommends configuring this VM hardening setting:

Get-VM "VM Name" | Get-AdvancedSetting -Name isolation.tools.autoInstall.disable

However this KB mentions that this setting is no longer required in vSphere 6.5.

The Compliance Kit for NIST 800-53 has overlap with the 6.5/6.7 Security Configuration Guides, but it also has non vSphere application recommendations such as AppDefense, which is not referenced in the other two guides.

What guides are people using to harden their environment? It’s becoming difficult to consolidate all of these different hardening guides into a single set of recommendations.