AuditTAP: The free tool for system configuration checks

Our free Audit Test Automation Package, AuditTAP or ATAP for short, checks the status of the System Hardening or Secure Configuration of your operating systems, web servers and applications.

What is the AuditTAP?

The AuditTAP modules check various standard products for the configuration of important and relevant security settings. The references that are audited against are fundamentally established and proven security standards – for example, the hardening recommendations and configuration specifications of:

    • DISA (Defense Information Systems Agency)
    • CIS (Center for Internet Security)
    • BSI (German Federal Office for Information Security)
    • ACSC (Australian Cyber Security Center)
    • Vendor recommendations, e.g. from Microsoft

With AuditTAP you can quickly and easily create a simple and clear HTML-based documentation of your systems.

What the security audit tool offers

Do your products comply with the current recommendations for security configuration? Is the documentation for your IT systems available? What is the compliance status of the settings? Our Audit TAP reports – the audit reports – answer these and other questions quickly and easily.

The Audit TAP carries out an automated system configuration audit by checking up to several hundred configuration settings, depending on the product. Among other things, it checks the algorithms and keys used, the storage location of log data, the use of TLS 1.2 (or higher), the activated services or existing, separate service accounts.

How do you install and use the AuditTAP?

Find out in this tutorial video:

The audit check with risk assessment

After the system configuration check, the Audit Test Automation Package generates a report. This shows you which settings comply with the system hardening recommendations and which do not. You also receive a risk score.

The risk score evaluates the status of a system from a quantitative point of view and now also takes into account the criticality of settings. The article “AuditTAP: What important conclusions you can draw from the compliance reports” explains exactly what this means and how to read the risk score correctly.

Assess your risk better

With version 5.2. the AuditTAP report received the practical and clear Risk Score. This assesses the status of a system according to quantitative aspects and now also takes into account the criticality of settings.

What this means exactly and how to read the risk score correctly is explained in the article “AuditTAP: What important conclusions you can draw from compliance reports“.

Audits compliant to the General Data Protection Regulation (GDPR)

The AuditTAP also offers a Windows 10 GDPR report. In this report, hundreds of Windows 10 settings are checked for their data protection compliance.

Which products does the audit tool support?

From Windows 7 to Windows 11, from Windows Server 2012 to Windows Server 2022 DC and from Debian 10 to Ubuntu 22.04: AuditTAP supports numerous popular operating systems. You can also check applications such as MS Excel, MS Word and Chrome with the free hardening audit tool.

You can find an up-to-date overview on the official AuditTAP GitHub page.

Need help with System Hardening?

Do you have questions about the AuditTAP? Or do you need assistance with system configuration audits and (automated) System Hardening? Do you want to integrate System Hardening directly into your deployment or installation processes?

Our experts are here for you! Contact us without obligation and we will get back to you as soon as possible.

💬 Contact us