Free tool repairs critical Windows configuration vulnerabilities
Posted on 22 May 2013.
Tripwire announced SecureCheq, a free configuration utility that helps evaluate and repair the most common, critical configuration vulnerabilities in Windows desktops and servers.


Windows operating systems contain hundreds of configuration parameters that need to work together to maintain the optimal balance between security and business needs. Preserving this balance is difficult because enterprise networks are constantly changing as devices are added, removed and changed.

Assessing these security configuration errors requires constant vigilance, and repairing them requires extensive, built-in step-by-step remediation advice. SecureCheq offers both.

“One of the leading causes of breaches is simple configuration errors that can be easily exploited by attackers,” said Wendy Nather, research director, enterprise security practice at 451 Research, an independent technology industry analyst. “System hardening is an important and relatively low-cost method to significantly improve security posture.”

Secure configurations are required by a wide range of security policies and regulations including Defense Information Systems Agency (DISA), Health Insurance Portability and Accountability Act (HIPAA) and North America Energy Reliability Corporation (NERC) as well as the comprehensive hardening guidelines available from Center for Internet Security (CIS).

To maintain secure configurations, IT security teams need concise, rapid and easily understandable assessments of their IT security configurations. SecureCheq tests common configuration errors and provides free insight on the following Microsoft Windows operating systems:
  • Windows Server 2003 / 2008
  • Windows Server 2012
  • Windows XP
  • Windows 7
  • Windows 8.
SecureCheq evaluates over twenty different security configuration errors and provides a comprehensive report that includes detailed remediation guidance for problems discovered in the following configuration categories:
  • Operating system hardening
  • Data protection
  • Communication security
  • User account security
  • Logs and auditing.
SecureCheq reports on configuration vulnerabilities using OVAL (Open Vulnerability Assessment Language), an open source language designed to support interoperability and automation among security tools and services.

“Secure configurations are one of the most cost-effective strategies for improving enterprise security. SecureCheq provides tools to go from weak, vulnerable configurations to stronger, more secure configurations for free. The challenge is that organizations don’t have the tools to collect the data or, more often, don’t know where to start,” said Dwayne Melancon, CTO for Tripwire. “SecureCheq assesses the configuration of a device and then pinpoints the precise information necessary to harden it. SecureCheq provides concise, rapid, easily understandable assessments of configurations, along with recommended actions to improve security.”





Spotlight

Fighting malware, emerging threats and AI

Posted on 24 November 2014.  |  Liran Tancman is the CEO of CyActive, a predictive cyber security company. In this interview he talks about fighting malware, emerging threats, artificial intelligence and the cloud.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Tue, Nov 25th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //