Microsoft release the Web Application Configuration Analyzer 2.0

Web Application Configuration Analyzer (WACA) is a tool that scans a server against a set of best practices recommended for pre-production and production servers.

The list of best practices is derived from the Microsoft Information Security & Risk Management Deployment Review Standards used internally at Microsoft to harden production and pre-production environments for line of business applications.

WACA uses an agent-less scan that requires the user to have admin privileges on the target server, as well as any SQL Server instances running on that machine. It can be used by developers to ensure that their codebase works within a secure / hardened environment (although many of the checks are not as applicable for developers).

This release of WACA includes some new feature:

  • Suppressions – you can now suppress any rule you feel is not appropriate for your scan.
  • Saving of suppression files – once you set up a suppression list you want to use you can save it off for future uses.
  • You can change the suppressions and regenerate the report without needing to re-run the scan.
  • Reporting – Updated the reporting section to include suppression information so you know what passed, failed, was not applicable and what was suppressed.
  • Multiple reports – you can view multiple scans of the same machine or view a single machine’s scan and compare it to other machines.
  • Export to the Microsoft RED format.
  • Scan multiple systems and SQL instances in one bulk scan.
  • Additional rules – we’ve added in additional SQL rules.
  • And of course bug fixes that were missed in the last release.

make sure you subscribe to my RSS feed!

Share
Subscribe
Notify of
guest
24 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
trackback

#security Microsoft release the Web Application Configuration Analyzer 2.0 http://dlvr.it/SHltt #infosec

trackback

#security Microsoft release the Web Application Configuration Analyzer 2.0 http://dlvr.it/SHlsn #infosec

trackback

#security Microsoft release the Web Application Configuration Analyzer 2.0 http://dlvr.it/SHlsf #infosec

trackback

#security Microsoft release the Web Application Configuration Analyzer 2.0 http://dlvr.it/SHlqw #infosec

trackback

#security Microsoft release the Web Application Configuration Analyzer 2.0 http://dlvr.it/SHlqs #infosec

trackback

#security Microsoft release the Web Application Configuration Analyzer 2.0 http://dlvr.it/SHlp0 #infosec

trackback

#security Microsoft release the Web Application Configuration Analyzer 2.0 http://dlvr.it/SHlmR #infosec

trackback

#security Microsoft release the Web Application Configuration Analyzer 2.0 http://dlvr.it/SHlmP #infosec

trackback

#security Microsoft release the Web Application Configuration Analyzer 2.0 http://dlvr.it/SHlmQ #infosec

trackback

RT @devilok: Microsoft release the Web Application Configuration Analyzer 2.0 http://bit.ly/kuemWc

trackback

RT @sectechno: #Microsoft release the Web Application Configuration Analyzer 2.0 http://bit.ly/kt7tvk #security

trackback

Microsoft release the Web Application Configuration Analyzer 2.0 http://bit.ly/kt7tvk

trackback

Microsoft release the Web Application Configuration Analyzer 2.0: Web Application Configuration Analyzer (WACA) … http://bit.ly/j6M8eb

trackback

#security Microsoft release the Web Application Configuration Analyzer 2.0: Web Application Configurati… http://bit.ly/j6M8eb #infosec

trackback

Microsoft release the Web Application Configuration Analyzer 2.0: Web Application Configuration Analyzer (WACA) … http://bit.ly/j6M8eb

trackback

RT @r0bertmart1nez: RT @devilok: Microsoft release the Web Application Configuration Analyzer 2.0 http://bit.ly/kuemWc

trackback

RT @r0bertmart1nez: RT @devilok: Microsoft release the Web Application Configuration Analyzer 2.0 http://bit.ly/kuemWc

trackback

RT @devilok: Microsoft release the Web Application Configuration Analyzer 2.0 http://bit.ly/kuemWc

trackback

Microsoft release the Web Application Configuration Analyzer 2.0 http://bit.ly/kuemWc

trackback

RT @darkoperator: Microsoft release the Web Application Configuration Analyzer 2.0 http://bit.ly/j6M8eb

trackback

RT @Bug2Hunt: #security Microsoft release the Web Application Configuration Analyzer 2.0 http://dlvr.it/SHlsn #infosec

trackback

RT @Sectechno: Microsoft release the Web Application Configuration Analyzer 2.0 #Microsoft #WACA 2.0 #Web Security http://t.co/004QKkz

trackback

RT @devilok: Microsoft release the Web Application Configuration Analyzer 2.0 http://bit.ly/kuemWc

Php Development

It is really good news.