AuditTAP got a fresh update! Once again you can use it to check whether your systems are hardened according to the current state of the art.
AuditTAP – always on the pulse of time
IT security is not a project with a fixed end. And it is also not a sprint, but rather a marathon. It is therefore essential to stay on top of the topic, constantly and without interruption.
That’s why we are continuously improving AuditTAP (ATAP for short), among other things. In version 5.4, we have implemented a few new functions to keep you “up to date” in cyber security.
The biggest changes in AuditTAP 5.4
The Security Base Data Check now checks which SSL/TLS protocols are active for all Windows systems. As a reminder, according to the current state of the art, only TLS 1.2 or higher should be used.
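One way to review the same setting by hand, as an added example that is not AuditTAP's own code: the script reads the SCHANNEL protocol overrides from the registry and marks every protocol older than TLS 1.2 that is not explicitly disabled. The registry path is the standard Windows location and the function name `Get-SchannelState` is hypothetical; the page does not show how AuditTAP performs its check.

```powershell
# Added example (not AuditTAP code). Run in an elevated or normal PowerShell
# session on the Windows system to be reviewed; it only reads the registry.
$base      = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols'
$protocols = 'SSL 2.0', 'SSL 3.0', 'TLS 1.0', 'TLS 1.1', 'TLS 1.2', 'TLS 1.3'
$legacy    = 'SSL 2.0', 'SSL 3.0', 'TLS 1.0', 'TLS 1.1'   # everything below TLS 1.2

# Hypothetical helper: returns 'Enabled', 'Disabled' or 'OS default'
# for one protocol and one role (Client or Server).
function Get-SchannelState {
    param(
        [string]$Protocol,
        [ValidateSet('Client', 'Server')][string]$Role
    )
    $key   = Join-Path $base "$Protocol\$Role"
    $props = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue

    # No key or no 'Enabled' value: Windows applies its built-in default,
    # which differs between Windows versions.
    if ($null -eq $props -or $null -eq $props.Enabled) { return 'OS default' }

    # Enabled = 0 disables the protocol; any non-zero DWORD enables it.
    if ($props.Enabled -eq 0) { return 'Disabled' }
    return 'Enabled'
}

$report = foreach ($p in $protocols) {
    foreach ($r in 'Client', 'Server') {
        $state = Get-SchannelState -Protocol $p -Role $r

        # Legacy protocols pass only when explicitly disabled, because an
        # unset value may still mean "on" on older Windows versions.
        # TLS 1.2 and higher pass unless someone has switched them off.
        $ok = if ($p -in $legacy) { $state -eq 'Disabled' } else { $state -ne 'Disabled' }

        [pscustomobject]@{
            Protocol  = $p
            Role      = $r
            State     = $state
            Compliant = $ok
        }
    }
}

$report | Format-Table -AutoSize
```

Rows with `Compliant = False` and `State = OS default` need a second look: whether the protocol is really active then depends on the Windows version, which this script does not evaluate.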
In addition, AuditTAP 5.4 for Windows Server 2022 supports the DISA STIGs (Security Technical Implementation Guides) in version V1R1 and checks systems with Windows Server 2012 R2 according to the new CIS Checks 2.6.0, among others.
We have also added tests for stand-alone Windows systems that are not members of an Active Directory domain. These checks are based on CIS and BSI recommendations.
How exactly a hardening report is generated for these systems is documented here. The following screenshot shows a selected example:

All the existing as well as the new checks have an impact on the calculation of the AuditTAP Risk Score. This shows in an easy-to-understand presentation whether there are critical weaknesses in your system hardening or not.
New: Our recommendations complementary to the standards
ATAP 5.4 introduces a new feature called “FB Recommendations”. With it, we perform specific tests that are not based on the CIS, DISA, BSI, ACSC and Microsoft recommendations. Instead, AuditTAP scans your Windows 10, Windows 11, and/or Windows Server system for configurations that we recommend in addition to the known standards.
The “FB Recommendations” function can be found in the “Hardening Setting” tab. A result may then look like this, for example:

What else is new?
Bug fixes, bug fixes and bug fixes. Among other things, our “exterminators” have fixed bugs in the DISA tests for Windows Server 2019 and incorrect information in the Windows Defender checks. They likewise adjusted the logic of some checks and revised the test names to avoid misunderstandings.
You can see a list of all issues closed for version 5.4 on GitHub.
Would you like to participate in the improvement and further development of AuditTAP yourself? Then submit your suggestions here.
Do you have any questions about AuditTAP? Or do you need support for (automated) system hardening? Then get in touch with us without any obligation by sending us an e-mail.