SecureCheq version 1.0 – A Free Configuration Evaluator from Tripwire

Configuration failures, whether accidental or malicious, are some of the most pervasive risks in IT today. And often the most invisible. Security Configuration Management solves this problem, but how does it work? What does it look for and what advice does it offer?

SecureCheq is a fast, simple utility for Windows servers and desktops that answers these questions while it tests for common configuration risks. This free utility:

Tests for a subset of typical (and often dangerous) Windows configuration errors
Provides detailed remediation and repair advice
Tests for about two dozen critical but common configuration errors related to OS hardening, Data Protection, Communication Security, User Account Activity and Audit Logging.
Demonstrates how systems can be continually hardened against attack

SecureCheq uses configuration tests just like the ones defined in CIS, ISO or COBIT standards. Because these tests include helpful links back to comparable tests in governing policies like DISA, HIPAA or NERC, you can easily see how well your target system would fare under these policies.

Security Configuration Management isn’t easy – it needs to continually balance risk and productivity – but it is possible. And it can be one of your most cost-effective options for cyber defense.