Greetings. In case you haven’t already read about it, we recently updated the Microsoft Security Assessment Tool (MSAT). Version 4.0 hit the web on 31 October. It’s been four years since the initial release, and two years since the prior version. Between then and now your security world has evolved a lot, and the tool now reflects that.
Read more: http://technet.microsoft.com/en-us/security/cc185712.aspx
Download now: http://www.microsoft.com/downloads/details.aspx?FamilyId=CD057D9D-86B9-4E35-9733-7ACB0B2A3CA1&displaylang=en
Take a few moments and give yourself a security checkup. If you have any comments or feedback on the tool, feel free to leave them here on my blog—I’ll make sure the right people see it.
Update: got an email from someone with two questions:
From the download page:
The MSAT employs a holistic approach to measuring your security posture by covering topics across people, process, and technology. Findings are coupled with prescriptive guidance and recommended mitigation efforts, including links to more information for additional industry guidance. These resources may assist you in keeping you aware of specific tools and methods that can help change the security posture of your IT environment.
There are two assessments that define the Microsoft Security Assessment Tool:
The questions identified in the survey portion of the tool and the associated answers are derived from commonly accepted best practices around security, both general and specific. The questions and the recommendations that the tool offers are based on standards such as ISO 17799 and NIST-800.x, as well as recommendations and prescriptive guidance from Microsoft’s Trustworthy Computing Group and additional security resources valued in the industry.
After completing an Assessment, you will gain access to a detailed report of your results. You may also compare your results with those of your peers (by industry and company size), provided that you upload your results anonymously to the secure MSAT Web server. When you upload your data the application will simultaneously retrieve the most recent data available. To be able to provide this comparative data, we need customers such as you to upload their information. All information is kept strictly confidential and no personally identifiable information whatsoever will be sent.
PingBack from http://amdtalk.com/1969/steve-riley-on-security-updated-microsoft-security-assessment-tool/
Thanks for the link. I will download that and will let you know the drawbacks and advantages of it.
I'm curious, is there a way to look at all the questions it asks before installing it?
Has the Vista x64 been corrected? The dowload link still has the original post date.
Looks like the Vista x64 is not working yet. Eagerly awating a full working version for it.
I've downloaded MSAT 4.0 and begun to use it.
I've discovered a problem in the both versions (french and english) : in the complete report, the "Operation" link point to the "People" section and thus there is no Operation section in the report.
Is it a bug ?
Thanks for your answers.