MS updates Web app scanner

SAN FRANCISCO — Microsoft Corp has just released version 2.0 of its Web Application Configuration Analyzer.
A free download, the Web Application Configuration Analyzer scans IIS servers, hosted applications, and SQL Server instances for common security issues and misconfigurations.
 
Version 2.0 contains 159 rules, each of which is a specific security check that generates a Passed, Failed, or Indeterminate outcome in the resulting report. Rules are broken down into three separate categories: General Applications, IIS Applications, and SQL Applications
.
The rule checks were determined by Microsoft’s Information Security and Risk Management review team, whose job it is to harden pre-production and production servers within Microsoft. These checks are now being shared with the public.
Each rule category can be expanded to reveal the underlying rule details, Microsoft says. Any rule that is not appropriate for a scan can be suppressed. Once a suppression list has been set up it can be saved for future uses.  Suppressions can be changed and a report regenerated without needing to re-run the scan. IT staff can view multiple scans of the same machine or view a single machine’s scan and compare it to other machines.

The reporting section has been updated to include suppression information to show what passed, failed, was not applicable and what was suppressed.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now