Pau Lo
asked on
Windows security tools
Which tools do you use for security auditing of windows servers (by which I mean checking the configuration aligns with best practice and is free from administrative/configurati
Last Comment
ASKER CERTIFIED SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
masnrock
You could look at tools like OpenVAS.
ASKER
Does openvas run on windows?
No it doesn't, but at least it is free.
ASKER
Will check it out,thanks.
Dont think so but it maybe done indirectly.
For info, close to OpenVAS is Greenbone Security Manager for professional users, as GCE (Community ver) for users in SOHO environments, and as source packages, which are embedded into various Linux distributions as OpenVAS. The differences between these versions and the related Security Feed.
But it can scan target Windows machine still
https://docs.greenbone.net/GSM-Manual/gos-4/en/vulnerabilitymanagement.html#requirements-on-target-systems-with-windows
For info, close to OpenVAS is Greenbone Security Manager for professional users, as GCE (Community ver) for users in SOHO environments, and as source packages, which are embedded into various Linux distributions as OpenVAS. The differences between these versions and the related Security Feed.
The Greenbone Security Manager Community Edition (GSM CE) is a derivative of the GSM ONE for evaluation purposes. The GSM CE may be deployed using VirtualBox on Microsoft Windows, MacOS and Linux systems.https://docs.greenbone.net/GSM-Manual/gos-4/en/gsm_overview.html
In contrast to the commercial version the GSM CE uses the OpenVAS Community Feed instead of the Greenbone Security Feed. While the commercial versions support seamless updates of the operating systems new versions of the GSM CE are provided as ISO images requiring a new full installation. Further differences between the other GSM models and the GSM CE are explained on https://www.greenbone.net/en/community-edition/.
But it can scan target Windows machine still
https://docs.greenbone.net/GSM-Manual/gos-4/en/vulnerabilitymanagement.html#requirements-on-target-systems-with-windows
ASKER
Are there costs associated with DSCEA and DCA? Such as the baselines themselves?
Nope if you are already having the Windows build licences. DSC was introduced in Windows Server 2012 R2, it is available for down-level operating systems via the Windows Management Framework (WMF) package. You should talk to your IT support team too.
Windows OS
This topic area includes legacy versions of Windows prior to Windows 2000: Windows 3/3.1, Windows 95 and Windows 98, plus any other Windows-related versions including Windows Mobile.
129K
Questions
--
Followers
--
Top Experts
Get a personalized solution from industry experts
TRUSTED BY
