Secure Windows Auditor v2.0
Strengths: Decent operational security assessment tool
Weaknesses: Limited risk picture
Verdict: Provides a comprehensive operational overview of security posture, with an easy-to-use interface, good reporting
Secure Windows Auditor (SWA) is a security assessment tool that empowers network administrators and security auditors to inspect vulnerabilities in Windows-based systems.
Running from a centralised location this tool identifies vulnerabilities and categorises them according to their respective risk levels. It also provides step-by-step solutions to eliminate them; thus simplifying the enormous task of securing Windows operating systems.
SWA remotely connects through wireless and wired mediums to machines on the network. After successful authentication, the respective machine is scanned for threats and vulnerabilities. The collected data is then analysed according to the embedded regulatory requirement policies of PCI DSS and SOX. The user also has the option of customising a regulatory requirements policy according to the organisation's information security needs.
Secure Windows Auditor offers several penetration testing and forensics tools.
SWA incorporates a dynamic reporting module that generates comprehensive reports. These display detected vulnerabilities by name and categories, the associated risk level, a detailed description of the issue and the complete specification of the vulnerability.
The solution did include its own internal vulnerability scanner. The search capabilities were great, allowing you to quickly view detailed vulnerability data and display desired audit results. There were remediation recommendations on the form of step-by-step solutions to mitigate the effect of the vulnerability.
There are multiple levels of support available for a fee. Basic support includes phone and email and 24/7 online support.
SWA is sold as client side software, deploys on a Windows server running .Net and uses a SQL backend. According to the installation manual, the install process appears to be fully automated and deploys quickly.
This solution supports most standard network and security products and included a great network scan/discovery tool. There was also a real-time port scanner that can routinely update a user as to new devices that exist in the environment that have yet to be included under management.
At a price of £130 for ten IPs, Secure Windows Auditor is a good value operational security assessment solution.