Microsoft's free Security Assessment Tool (MSAT) is designed to help organizations assess weaknesses in their IT security environment, and it provides guidance on strengthening the areas identified during the assessment where risks and defences are not aligned. It follows the defence-in-depth concept, that is, layered defences combining technical, organizational and operational controls, and is based on accepted standards and best practices such as ISO 27001 and the NIST SP 800 series. The tool, essentially a questionnaire-driven self-assessment application, evaluates the effectiveness of your security strategy over four areas: people, processes, resources and technology.
Upon completion of the assessment, MSAT provides recommendations and prescriptive guidance for managing the risks it has highlighted for your particular environment, existing technology and current security posture. The recommendations are designed to move your security policies, processes and controls towards recognized best practice. Because the assessment is repeatable, it can be used to track improvements in your infrastructure's ability to respond to security threats over time. Bear in mind that MSAT scores only what you tell it: its output is a self-assessment, so answers that overstate the controls actually in place will produce a flattering but misleading result.
Be aware, however, that MSAT does not perform a network scan looking for unpatched vulnerabilities or misconfigured devices. That task needs a tool like Microsoft's free Baseline Security Analyzer (MBSA), which scans both local and remote Microsoft systems for common security misconfigurations. It also identifies missing security updates and service packs available through the various Microsoft Update technologies, helping to ensure all machines are patched correctly. Note that remote scans require an account with administrative rights on each target, so run MBSA from a suitably privileged (and suitably protected) account.
Like most good security scanners, MBSA reports include not only details of any failed tests but also suggested corrective measures, often with specific guidance on how to fix the problem, such as links to service packs or Microsoft Security Bulletins. Even if you are up to date with all your patches, you will be surprised at how many administrative errors MBSA picks up.
If your organization is still using older versions of Microsoft products that are not supported by MBSA, such as Office 2000 and SQL Server 7.0 and 2000, you should check out the MBSA companion tool Shavlik NetChk Limited, provided free by Shavlik Technologies, LLC. This utility analyzes the patch status of those Microsoft products not supported by current Microsoft patch technologies and writes the results to an XML file that can be viewed via MBSA.
MBSA is an easy, straightforward tool to use and makes a good companion to MSAT. There is plenty of supporting information if you need help, including a very good FAQ section and an on-demand webcast that shows how to use MBSA in common scenarios to improve your security update management process.
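As an added example (not code from the original article, from Microsoft or from MBSA itself), the script below shows how a practitioner would turn the MBSA procedure described above into a repeatable scheduled job: it drives the MBSA 2.x command-line client, mbsacli.exe, across a list of hosts and then summarises every check in the resulting reports. The install path, the report folder, the switch names and the report XML element and attribute names (SecScan, Check, Name, Grade, Advice) are assumptions taken from MBSA 2.x defaults and should be confirmed against `mbsacli /?` and one of your own .mbsa files; the host names are constructed.

```powershell
# Added example, not part of the original article or of MBSA itself.
# Assumptions (verify on your installation):
#   - mbsacli.exe is at the MBSA 2.x default path below
#   - reports are written to %USERPROFILE%\SecurityScans as *.mbsa files (XML inside)
#   - each report has a <SecScan> root with a Machine attribute and <Check> children
#     carrying Name and Grade attributes plus an <Advice> child
# Run from an account that is a local administrator on every target.

$MbsaCli   = 'C:\Program Files\Microsoft Baseline Security Analyzer 2\mbsacli.exe'
$ReportDir = Join-Path $env:USERPROFILE 'SecurityScans'
$Targets   = @('srv-file01', 'srv-sql01', 'ws-admin07')   # constructed host names

# One target per line; mbsacli reads the whole list in a single run.
$ListFile = Join-Path $env:TEMP 'mbsa-targets.txt'
Set-Content -Path $ListFile -Value $Targets -Encoding ASCII

# /listfile    scan every host named in the file
# /n Password  skip the weak-password check, which attempts logons with common passwords,
#              is slow and can trip account-lockout policies; OS, SQL, IIS and Updates still run
# /nvc         do not check for a newer MBSA version on every run (useful in scheduled jobs)
# /wi          report all missing updates, including ones not yet approved on your WSUS server
& $MbsaCli /listfile $ListFile /n Password /nvc /wi
if ($LASTEXITCODE -ne 0) {
    Write-Warning "mbsacli exited with code $LASTEXITCODE; review the console output above"
}

# Read the reports produced by this run and list every check per machine, worst grade first.
$Cutoff = (Get-Date).AddHours(-1)
Get-ChildItem -Path $ReportDir -Filter '*.mbsa' |
    Where-Object { $_.LastWriteTime -gt $Cutoff } |
    ForEach-Object {
        [xml]$Report = Get-Content -Path $_.FullName -Raw
        $Scan = $Report.SecScan
        foreach ($Check in $Scan.Check) {
            [pscustomobject]@{
                Machine = $Scan.Machine
                Check   = $Check.Name
                Grade   = [int]$Check.Grade
                Advice  = (("$($Check.Advice)") -replace '\s+', ' ').Trim()
            }
        }
    } |
    Sort-Object Machine, Grade |
    Format-Table -AutoSize -Wrap
```

The numeric Grade legend (which values denote a failed check, a passed check, a best-practice note or a check that could not be performed) is documented in MBSA's help; confirm it against a host you know to be missing updates before filtering on it in an alert. For the remote scans to work, the targets need the Server and Remote Registry services running and the administrative shares reachable from the scanning host, which is also why the scanning account deserves the same protection as any other administrative credential.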