AuditTAP: The free tool for system configuration checks

Our free Audit Test Automation Package, AuditTAP or ATAP for short, checks the system hardening status of your operating systems, web servers and applications.

What is the AuditTAP?

The AuditTAP modules check various standard products for the configuration of important and relevant security settings. The references that are audited against are fundamentally established and proven security standards – for example, the hardening recommendations and configuration specifications of:

    • DISA (Defense Information Systems Agency)
    • CIS (Center for Internet Security)
    • BSI (German Federal Office for Information Security)
    • ACSC (Australian Cyber Security Center)
    • Vendor recommendations, e.g. from Microsoft

With AuditTAP you can quickly and easily create a simple and clear HTML-based documentation of your systems.

AuditTAP: Features

    • Do your products comply with the latest security configuration recommendations?
    • Is the documentation of your IT systems available?
    • What is the compliance status of the settings?

Our AuditTAP reports answer these and other questions quickly and easily.

AuditTAP performs an automated system configuration audit by checking up to several hundred configuration settings, depending on the product. Among other things, it checks the algorithms and keys used, the location of log data, the use of TLS 1.2 (or higher), the services activated or existing, separate service accounts.

As a result of the system configuration check the Audit Test Automation Package generates a report in HTML format. In this report, you can see which settings comply with the recommendations and which do not. In addition, you will receive a so-called risk score.

Assess your risk better

With version 5.2. the AuditTAP report received the practical and clear Risk Score. This assesses the status of a system according to quantitative aspects and now also takes into account the criticality of settings.

What this means exactly and how to read the risk score correctly is explained in the article “AuditTAP: What important conclusions you can draw from compliance reports“.

Audits compliant to the General Data Protection Regulation (GDPR)

The AuditTAP also offers a Windows 10 GDPR report. In this report, hundreds of Windows 10 settings are checked for their data protection compliance.

What’s new in AuditTAP 5?

Read this news and watch this short video:

Which products are supported?

Currently, you can use the AuditTAP for the following products and reports:

Report DISA CIS Microsoft BSI ACSC
Debian 10
Fedora 35
Google Chrome V1R15 2.0.0
Mozilla Firefox V4R24 1.0.0
Microsoft Edge 99
Microsoft Internet Explorer 11 V1R16 1.1.0 2004
Microsoft IIS10 1.1.1
Microsoft Office 2016 Excel V1R2
Microsoft Office 2016 Outlook V1R2
Microsoft Office 2016 PowerPoint V1R1
Microsoft Office 2016 SkypeForBusiness V1R1
Microsoft Office 2016 Word V1R1
Microsoft Office 2016 1.1.0
Microsoft SQL Server 2016 1.3.0
Microsoft Windows 7 3.1.0
Microsoft Windows 10 V1R16 1.12.0 21H1 SiM-08202, SiSyPHuS 1.3 10.2021
Microsoft Windows 10 GDPR 16082019 V1.1
Microsoft Windows 10 BSI SiM-08202, SiSyPHuS 1.3
Microsoft Windows 10 All V1R16 1.12.0 21H1 SiM-08202, SiSyPHuS 1.3 10.2021
Microsoft Windows 11 1.0.0 FINAL, RTLFB 21H2
Microsoft Windows Server 2012 R2 2.19 2.5.0
Microsoft Windows Server 2016 1.12 1.2.0 FINAL
Microsoft Windows Server 2016 DC V1R6 1.2.0 FINAL
Microsoft Windows Server 2019 1.5 1.3.0 FINAL
Microsoft Windows Server 2019 DC V1R2 1.1.0 FINAL
Microsoft Windows Server 2022 1.0.0 FINAL
Red Hat Enterprise Linux 8
Ubuntu 20.04

Note: You can also find an always up-to-date overview on the GitHub page of AuditTAP.

AuditTAP: Download & Installation

You can download the Audit Test Automation Package (AuditTAP) for free from Github and use it without any restrictions. Here you can also get detailed information about the product, for example for installation and setup.

How to use the AuditTAP?

This tutorial video shows you how to download, install and start the AuditTAP and it’s system configuration check:

Need help with system hardening?

Do you have questions about the AuditTAP? Or do you need assistance with system configuration audits and (automated) system hardening? Do you want to integrate system hardening directly into your deployment or installation processes?

Our experts are here for you! Contact us without obligation and we will get back to you as soon as possible.

Contact us!