- Secunia Personal Software Inspector
- Microsoft Baseline Security Analyzer 2.3
- Microsoft Baseline Security Analyzer 2.5
- Microsoft Baseline Security Analyzer Windows 10
Jul 14, 2020 How to Use Baseline Security Analyzer. Download the Microsoft Baseline Security Analyzer from Microsoft download center. Save the software to a drive with enough space and install it properly after MBSA download. Launch Microsoft Baseline Security Analyzer and click the Scan a computer link. Microsoft reluctantly announces the retirement of the Security Compliance Manager (SCM) tool. At the same time, we are reaffirming our commitment to delivering robust and useful security guidance for Windows, and tools to manage that guidance. Microsoft first released the Security Compliance Manager (SCM) in 2010.
SecTools.Org: Top 125 Network Security Tools
For more than a decade, the NmapProject has been cataloguing the network security community'sfavorite tools. In 2011 this site became much more dynamic, offeringratings, reviews, searching, sorting, and a new tool suggestion form.This site allows open source and commercial tools on any platform,except those tools that we maintain (such as the Nmap Security Scanner, Ncat network connector, and Nping packet manipulator).
We're very impressed by the collective smarts of the security community and we highly recommend reading the whole list and investigating any tools you are unfamiliar with. Click any tool name for more details on that particular application, including the chance to read (and write) reviews. Many site elements are explained by tool tips if you hover your mouse over them. Enjoy!
11 tools
(16)★★★Nessus (#3, 2)
Nessus is one of the most popular and capable vulnerability scanners, particularly for UNIX systems. It was initially free and open source, but they closed the source code in 2005 and removed the free 'Registered Feed' version in 2008. It now costs $2,190 per year, which still beats many of its competitors. A free “Nessus Home” version is also available, though it is limited and only licensed for home network use.
Nessus is constantly updated, with more than 70,000 plugins. Key features include remote and local (authenticated) security checks, a client/server architecture with a web-based interface, and an embedded scripting language for writing your own plugins or understanding the existing ones. Read 24 reviews.
Latest release: version 6.3.3 on March 16, 2015 (5 years, 9 months ago).
(31)★★★★OpenVAS (#19, new!)
OpenVAS is a vulnerability scanner that was forked from the last free version of Nessus after that tool went proprietary in 2005. OpenVAS plugins are still written in the Nessus NASL language. The project seemed dead for a while, but development has restarted. Read 38 reviews.
Latest release: version 8.0 on April 2, 2015 (5 years, 8 months ago).
(12)★★★★½Core Impact (#29, 15)
Core Impact isn't cheap (be prepared to spend at least $30,000), but it is widely considered to be the most powerful exploitation tool available. It sports a large, regularly updated database of professional exploits, and can do neat tricks like exploiting one machine and then establishing an encrypted tunnel through that machine to reach and exploit other boxes. Other good options include Metasploit and Canvas. Read 21 reviews.
Latest release: version 12 on Aug. 8, 2011 (9 years, 4 months ago).
(16)★★½Nexpose (#36, new!)
Rapid7 Nexpose is a vulnerability scanner which aims to support the entire vulnerability management lifecycle, including discovery, detection, verification, risk classification, impact analysis, reporting and mitigation. It integrates with Rapid7's Metasploit for vulnerability exploitation. It is sold as standalone software, an appliance, virtual machine, or as a managed service or private cloud deployment. User interaction is through a web browser. There is a free but limited community edition as well as commercial versions which start at $2,000 per user per year. Read 19 reviews.
(6)★★★½GFI LanGuard (#40, 20)
GFI LanGuard is a network security and vulnerability scanner designed to help with patch management, network and software audits, and vulnerability assessments. The price is based on the number of IP addresses you wish to scan. A free trial version (up to 5 IP addresses) is available. Read 6 reviews.
Latest release: version 2011 on May 19, 2001 (19 years, 7 months ago).
(4)★★★★QualysGuard (#42, 31)
QualysGuard is a popular SaaS (software as a service) vulnerability management offering. It's web-based UI offers network discovery and mapping, asset prioritization, vulnerability assessment reporting and remediation tracking according to business risk. Internal scans are handled by Qualys appliances which communicate back to the cloud-based system. Read 5 reviews.
Latest release: version 6.18 on Feb. 25, 2011 (9 years, 9 months ago).
(3)★★★MBSA (#46, 54)
Microsoft Baseline Security Analyzer (MBSA) is an easy-to-use tool designed for the IT professional that helps small and medium-sized businesses determine their security state in accordance with Microsoft security recommendations and offers specific remediation guidance. Built on the Windows Update Agent and Microsoft Update infrastructure, MBSA ensures consistency with other Microsoft management products including Microsoft Update (MU), Windows Server Update Services (WSUS), Systems Management Server (SMS) and Microsoft Operations Manager (MOM). Apparently MBSA on average scans over 3 million computers each week. Read 3 reviews.
Latest release: version 2.3 on Nov. 12, 2013 (7 years, 1 month ago).
(1)★★★Retina (#54, 29)
Like Nessus, Retina's function is to scan all the hosts on a network and report on any vulnerabilities found. It was written by eEye, who are well known for their security research. Read 2 reviews.
(6)★★★★½Secunia PSI (#68, new!)
Secunia PSI (Personal Software Inspector) is a free security tool designed to detect vulnerable and out-dated programs and plug-ins that expose your PC to attacks. Attacks exploiting vulnerable programs and plug-ins are rarely blocked by traditional anti-virus programs. Secunia PSI checks only the machine it is running on, while its commercial sibling Secunia CSI (Corporate Software Inspector) scans multiple machines on a network. Read 6 reviews.
Latest release: version 2.0 on Jan. 10, 2011 (9 years, 11 months ago).
(3)★★★★½Nipper (#81, new!)
Nipper (short for Network Infrastructure Parser, previously known as CiscoParse) audits the security of network devices such as switches, routers, and firewalls. It works by parsing and analyzing device configuration file which the Nipper user must supply. This was an open source tool until its developer (Titania) released a commercial version and tried to hide their old GPL releases (including the GPLv2 version 0.10 source tarball). Read 3 reviews.
Latest release: version 1.3.
(4)★★★★½SAINT Security Suite (#110, 19)
SAINT is a commercial vulnerability assessment and penetration system. It was originally developed in the late 1990's as free UNIX tool based on the open source SATAN scanner. Later it went commercial and broadened into a whole suite of tools for vulnerability detection, exploitation, and asset management. It is available on multiple platforms, including appliances (SAINTbox) and cloud-hosted (SAINTcloud). Top competitors include Nessus, Nexpose, and QualysGuard. Read 9 reviews.
Latest release: version 9.8 on May 1, 2020 (7 months, 2 weeks ago).
11 tools
Categories
Screenshot of Microsoft Baseline Security Analyzer analysis result | |
| Developer(s) | Microsoft |
|---|---|
| Initial release | 16 August 2004[1] |
| Stable release | |
| Operating system | Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003, Windows XP and Windows 2000[2] |
| Platform | IA-32 and x86-64[2] |
| Size | 1.5 ~ 1.7 MB[2] |
| Available in | English, German, French and Japanese[2] |
| Type | Computer security |
| License | Freeware |
| Website | technet.microsoft.com/en-us/security/cc184924.aspx |
Microsoft Baseline Security Analyzer (MBSA) is a discontinued software tool which is no longer available from Microsoft that determines security state by assessing missing security updates and less-secure security settings within Microsoft Windows, Windows components such as Internet Explorer, IISweb server, and products Microsoft SQL Server, and Microsoft Office macro settings. Security updates are determined by the current version of MBSA using the Windows Update Agent present on Windows computers since Windows 2000 Service Pack 3. The less-secure settings, often called Vulnerability Assessment (VA) checks, are assessed based on a hard-coded set of registry and file checks. An example of a VA might be that permissions for one of the directories in the /www/root folder of IIS could be set at too low a level, allowing unwanted modification of files from outsiders.
Version history[edit]
Versions 1.2.1 and below run on NT4, Windows 2000, Windows XP, and Windows Server 2003, provide support for IIS versions 5 through 6, SQL Server 7 and 2000, Internet Explorer 5.01 and 6.0 only, and Microsoft Office 2000 through 2003. Security update assessment is provided by an integrated version of Shavlik's HFNetChk 3.8 scan tool. MBSA 1.2.1 was localized into English, German, French and Japanese versions and supported security assessment for any locale.
Version 2.0 retained the hard-coded VA checks, but replaced the Shavlik security assessment engine with Microsoft Update technologies which adds dynamic support for all Microsoft products supported by Microsoft Update. MBSA 2.0.1 was released to support the revised Windows Update (WU) offline scan file (WSUSSCN2.CAB). MBSA 2.1 added Vista and Windows Server 2008 support, a new Vista-styled GUI interface, support for the latest Windows Update Agent (3.0), a new Remote Directory (/rd) feature and extended the VA checks to x64 platforms.
In the August 2012 Security Bulletin Webcast Q&A on Technet it was announced that 'The current version of MBSA (2.2) will not support Windows 8 and Microsoft currently has no plans to release an updated version of the tool.'[3]
In November 2013 MBSA 2.3 was released. This release adds support for Windows 8, Windows 8.1, Windows Server 2012, and Windows Server 2012 R2. Windows 2000 will no longer be supported with this release.[4]
Microsoft support and updates for MBSA has ended. The current version 2.3 does not offer official support for Windows 10 or Windows Server 2016. The Microsoft MBSA webpage has been removed.[5]
Secunia Personal Software Inspector
How MBSA differs from Microsoft Update[edit]
MBSA only scans for 3 classes of updates, security updates, service packs and update rollups. Critical and optional updates are left aside.
Microsoft Baseline Security Analyzer 2.3
See also[edit]
References[edit]
- ^'Download Details: Microsoft Baseline Security Analyzer v1.2.1 (for IT Professionals)'. Microsoft Download Center. Microsoft Corporation. Archived from the original on 18 June 2009. Retrieved 13 October 2009.
- ^ abcde'Download Details: Microsoft Baseline Security Analyzer 2.2 (for IT Professionals)'. Microsoft Download Center. Microsoft Corporation. 6 August 2010. Retrieved 21 November 2009.
- ^'August 2012 Security Bulletin Webcast Q&A'. Microsoft. Archived from the original on 24 August 2012. Retrieved 20 August 2012.
- ^'Microsoft Baseline Security Analyzer (MBSA) 2.3|MBSA'. Microsoft. Retrieved 12 November 2013.
- ^'What is Microsoft Baseline Security Analyzer and its uses?'. Microsoft. Retrieved October 5, 2018.
External links[edit]
Microsoft Baseline Security Analyzer 2.5
- Official website