How to perform Microsoft Baseline Security Analyzer (MBSA) scans

Date: Apr 27, 2009

This month, Peter Giannoulis of TheAcademyPro.com and TheAcademyHome.com offers an overview of the free Microsoft Baseline Security Analyzer and explains how MBSA scans can be used to not only find misconfigured Windows operating systems, but also to highlight easy ways to improve system security.

Want more demos of free security tools? Check out the rest of our screencasts.

More on Security Testing and Ethical Hacking

Jose Granado on the benefits of penetration testing, ‘human hacking’
VIDEO - Ernst & Young’s Jose Granado discusses the benefits of penetration testing and the importance of including “human hacking” as well.
Dan Guido on teaching penetration testing courses; intrusion analysis
VIDEO - The iSec Partners consultant talks about his penetration testing courses at NYU, his research on intrusion analysis and rethinking intrusion defense.
Adobe: Bug reporting and the sandbox
VIDEO - Brad Arkin talks about Adobe's policy on "bug bounties" and why it's decided to play in a "sandbox."
Longstanding network security problems plague enterprises, Trustwave finds
News - While organizations focus on mobile security and other emerging threats, an analysis of more than 2,000 penetration tests conducted by Trustwave found older threats often overlooked.
( Feb 07, 2012 )
Nothing funny about SCADA and ICS security
News - A researcher calls the state of industrial control system security “laughable” and warns of the consequences of unpatched critical infrastructure that is reachable over the Internet.
( Feb 06, 2012 )
Adobe makes pitch for defensive security research to cripple exploit writing
News - Adobe security and privacy director Brad Arkin urges the security industry to develop technologies that make exploit writing costly.
( Feb 03, 2012 )
How penetration testing helps ensure a secure data store
Answer - A third-party penetration test is the best way to determine whether an online data store can be compromised.
Securing applications with a network pen test
Answer - Network penetration testing can help protect applications by uncovering weaknesses that provide an alternate route to sensitive data.

Security Channel
- HIPAA security checklist: 10 services your customers need
  
  HIPAA compliance services can lead to solid business growth for solution providers. Kevin McDonald's HIPAA security checklist has 10 ways to begin.
- Survey results: VARs report customers’ IT spending 2012 expectations
  
  VARs expect customers to increase spending on security more than any other IT area in 2012. See which security segments will grow the most.
- Create a computer security blog to attract and retain customers
  
  Blogging can produce new leads for security solution providers. Focus on content in your computer security blog that connects with customers.
Cloud Security
- Massachusetts 201 CMR 17.00 and cloud services
  
  Organizations face a March 1 deadline for ensuring their cloud and other service providers comply with Massachusetts’ data protection regulation.
- Are cloud providers HIPAA business associates?
  
  Deciding whether your cloud provider is a business associate comes down to a judgment call based on the type of cloud usage.
- SaaS security: Weighing SaaS encryption options
  
  A look at SaaS encryption techniques and challenges.
searchMidmarketSecurity
- Windows Phone 7 security: Assessing WP7 security features
  
  Windows Phone 7 security features are proving to be a mixed bag. Sam Cattle assesses the enterprise security pros and cons of the latest Windows mobile platform.
- Choosing the best security certifications for your career
  
  Whether starting your career or planning your next step as an IT security professional, this tip will guide you toward the best certifications for your interests and experience.
- Midmarket security tutorials
  
  SearchMidmarketSecurity.com’s tutorials offer IT professionals in-depth lessons and technical advice on the hottest topics in the midmarket IT security industry. Through our tutorials we seek to provide site members with the foundational knowledge needed to deal with the increasingly challenging job of keeping their organizations secure.
searchFinancialSecurity
- Web application threats: What you really need to know
  
  In this special presentation, Mike Rothman details today's top Web application threats and pragmatic methods to integrate security into the Web application development process.
- Ramnit worm variant now dangerous banking malware
  
  The Ramnit worm now supports man-in-the-middle attacks, giving cybercriminals the ability to drain a victim’s bank account.
- SIEM vendors make the case for extending SIEM product capabilities
  
  Advanced features can reduce the threat of wire fraud. New rule sets can be shared among banks and credit unions.
Security UK
- Study finds attacks slip past spotty patch management policies
  
  A study finds attackers targeting firms with poor patch management policies, exploiting vulnerabilities that should have been patched years ago.
- Survey: Types of DDoS attacks on the rise due to hacktivist groups
  
  New DDoS statistics suggest hactivist groups are to blame for an increase in the number and types of DDoS attacks across the Internet.
- Web application vulnerability statistics show security losing ground
  
  New Web application vulnerability statistics show the number of vulnerabilities is rising, despite the use of Web application development frameworks.
searchSecurityAU
- AISA launches new website
  
  With a reinvigorated look and feel, improved back-end infrastructure, and regularly updated information about the association the Australian Information Security Association website has been re-launched for the benefit of its members and the Australian IT Security industry.
- Cisco hardening guides for IOS, IOS-XR and NX-OS devices
  
  Patching routing and switching infrastructure in any organisation is often delayed, sometimes due to the potential impact on production systems and sometimes because the IT resources are simply too busy fighting fires.
- Cloud providers and data sovereignty issues
  
  Australian cloud provider Ninefold warn that understanding who has legal access to company and personal private data is not as simple as checking a box and selecting the 'in-country' option.
Information Security
- February 2012 Patch Tuesday: Critical IE, Windows kernel flaws fixed
  
  Flaws in Internet Explorer and the Windows C Runtime library could be used to gain access to system files and download additional malware onto a victim’s machine.
- Burp Suite training tutorial: Part 3 – Sequencer, decoder and composer
  
  In the third installment of our Burp Suite training tutorial, learn how to analyze tokens, decode requests and compare responses using Burp Suite tools.
- Airtel’s DLP technology rollout makes data egress a thing of the past
  
  Airtel’s DLP technology implementation, India’s largest, went live in December 2010. Join us in exploring its inner workings, even as it is poised for bigger things.

Latest Headlines

Topics

Hot Topics

Advice & Tutorials

Technology Dictionary

Tips

Answers

Ask a Question

Research Library

Product Demos

Resource Centers

Blogs

How to perform Microsoft Baseline Security Analyzer (MBSA) scans

How to perform Microsoft Baseline Security Analyzer (MBSA) scans

More on Security Testing and Ethical Hacking

More from Related TechTarget Sites