Our free Audit Test Automation Package, AuditTAP or ATAP for short, checks the system hardening status of your operating systems, web servers and applications.
What is the AuditTAP?
The AuditTAP modules check various standard products for the configuration of important and relevant security settings. The references that are audited against are fundamentally established and proven security standards – for example, the hardening recommendations and configuration specifications of:
-
- DISA (Defense Information Systems Agency)
- CIS (Center for Internet Security)
- BSI (German Federal Office for Information Security)
- ACSC (Australian Cyber Security Center)
- Vendor recommendations, e.g. from Microsoft
With AuditTAP you can quickly and easily create a simple and clear HTML-based documentation of your systems.
AuditTAP: Features
-
- Do your products comply with the latest security configuration recommendations?
- Is the documentation of your IT systems available?
- What is the compliance status of the settings?
Our AuditTAP reports answer these and other questions quickly and easily.
AuditTAP performs an automated system configuration audit by checking up to several hundred configuration settings, depending on the product. Among other things, it checks the algorithms and keys used, the location of log data, the use of TLS 1.2 (or higher), the services activated or existing, separate service accounts.
As a result of the system configuration check the Audit Test Automation Package generates a report in HTML format. In this report, you can see which settings comply with the recommendations and which do not. In addition, you will receive a so-called risk score.
Assess your risk better
With version 5.2. the AuditTAP report received the practical and clear Risk Score. This assesses the status of a system according to quantitative aspects and now also takes into account the criticality of settings.
What this means exactly and how to read the risk score correctly is explained in the article “AuditTAP: What important conclusions you can draw from compliance reports“.
Audits compliant to the General Data Protection Regulation (GDPR)
The AuditTAP also offers a Windows 10 GDPR report. In this report, hundreds of Windows 10 settings are checked for their data protection compliance.
What’s new in AuditTAP 5?
Read this news and watch this short video:
Which products are supported?
Currently, you can use the AuditTAP for the following products and reports:
| Report | DISA | CIS | Microsoft | BSI | ACSC |
|---|---|---|---|---|---|
| Debian 10 | – | – | – | – | – |
| Fedora 35 | – | – | – | – | – |
| Google Chrome | V1R15 | 2.0.0 | – | – | – |
| Mozilla Firefox | V4R24 | 1.0.0 | – | – | – |
| Microsoft Edge | – | – | 99 | – | – |
| Microsoft Internet Explorer 11 | V1R16 | 1.1.0 | 2004 | – | – |
| Microsoft IIS10 | – | 1.1.1 | – | – | – |
| Microsoft Office 2016 Excel | V1R2 | – | – | – | – |
| Microsoft Office 2016 Outlook | V1R2 | – | – | – | – |
| Microsoft Office 2016 PowerPoint | V1R1 | – | – | – | – |
| Microsoft Office 2016 SkypeForBusiness | V1R1 | – | – | – | – |
| Microsoft Office 2016 Word | V1R1 | – | – | – | – |
| Microsoft Office 2016 | – | 1.1.0 | – | – | – |
| Microsoft SQL Server 2016 | – | 1.3.0 | – | – | – |
| Microsoft Windows 7 | – | 3.1.0 | – | – | – |
| Microsoft Windows 10 | V1R16 | 1.12.0 | 21H1 | SiM-08202, SiSyPHuS 1.3 | 10.2021 |
| Microsoft Windows 10 GDPR | – | – | 16082019 | V1.1 | – |
| Microsoft Windows 10 BSI | – | – | – | SiM-08202, SiSyPHuS 1.3 | – |
| Microsoft Windows 10 All | V1R16 | 1.12.0 | 21H1 | SiM-08202, SiSyPHuS 1.3 | 10.2021 |
| Microsoft Windows 11 | – | 1.0.0 | FINAL, RTLFB 21H2 | – | – |
| Microsoft Windows Server 2012 R2 | 2.19 | 2.5.0 | – | – | – |
| Microsoft Windows Server 2016 | 1.12 | 1.2.0 | FINAL | – | – |
| Microsoft Windows Server 2016 DC | V1R6 | 1.2.0 | FINAL | – | – |
| Microsoft Windows Server 2019 | 1.5 | 1.3.0 | FINAL | – | – |
| Microsoft Windows Server 2019 DC | V1R2 | 1.1.0 | FINAL | – | – |
| Microsoft Windows Server 2022 | – | 1.0.0 | FINAL | – | – |
| Red Hat Enterprise Linux 8 | – | – | – | – | – |
| Ubuntu 20.04 | – | – | – | – | – |
Note: You can also find an always up-to-date overview on the GitHub page of AuditTAP.
AuditTAP: Download & Installation
You can download the Audit Test Automation Package (AuditTAP) for free from Github and use it without any restrictions. Here you can also get detailed information about the product, for example for installation and setup.
How to use the AuditTAP?
This tutorial video shows you how to download, install and start the AuditTAP and it’s system configuration check:
Need help with system hardening?
Do you have questions about the AuditTAP? Or do you need assistance with system configuration audits and (automated) system hardening? Do you want to integrate system hardening directly into your deployment or installation processes?
Our experts are here for you! Contact us without obligation and we will get back to you as soon as possible.