After starting delivering group policy objects like capability, Intune is now getting a security baseline feature.
You can start using it either by searching for Security Baselines from your Azure portal, Office 365 mobile device management portal, or by accessing it through the direct URL (as the feature deployment is still in progress this may not yet be visible) https://ms.portal.azure.com/#blade/Microsoft_Intune_Workflows/SecurityBaselineMenu/securityBaselines
The Security Baslines capability is based on the well known Security and Compliance Toolkit (SCT) – https://docs.microsoft.com/en-us/windows/security/threat-protection/security-compliance-toolkit-10
At this stage, only one baseline is available for Windows 10 but more will come
You have to take a care when starting using it as it seem the profiles you will create during the preview will not be migrated/converted after the general release.
First thing is to create a baseline profile by either accessing the Overview blade or the Profiles blade and use the Create profile
From there you can then configure the different settings you want to configure
NOTE if you hit the explanation mark 
it displays below the setting the explanation
Then once the profile is created you need to apply it by assigning to an Intune device group
After sometime you will get report of baseline compliant/not compliant devices
