Microsoft published a new tool, Web Application Configuration Analyzer (WACA). This tool scans a server against a set of best practices recommended for production servers. The list of best practices is derived from the Microsoft Information Security & Risk Management Deployment Review Standards used internally at Microsoft to harden production and pre-production environments for line of business applications.
It uses an agent-less scan that requires the user to have admin privileges on the target server, as well as any SQL Server instances running on that machine.
•
Scan a machine for more than 140 rules
•
Generate HTML based reports
•
Compare two scans to view the differences
•
Export results to Excel
•
Export results to Team Foundation Server
You can download the tool from Microsoft
here .
No comments:
Post a Comment