On Github you can now find the latest version of the Audit Test Automation Package, AuditTAP for short. These improvements are included.
Small but nice adjustments
Our meanwhile very active community submitted some tickets which were addressed by our AuditTAP developers. The result: feature requests were implemented and bugs solved .
An overview of all tickets can be found here. Also over 15 enhancements are offered by AuditTAP 5.3.
The logic of the Windows 10, Windows 11 and Windows Server tests has been adjusted to improve the results. For example, in the Windows Server 2022 checks, there is a split into Windows Server 2022 and Windows Server 2022 DC. This avoids errors in a “role-based” check and increases the informative value of the report.
And we changed the layout of the report: Using a tab function, the individual points of the evaluation can be reached more quickly.
In addition we decided to remove the already outdated BSI standards for the German Federal Police (BSI BPOL) from AuditTAP and integrated an automatic detection of the system (Windows or Linux?).
More information in the audit reports
A new feature is the “Security Base Data” tab. This is divided (in the first step for Windows systems) into:
-
- Platform Security
- Windows Base Security
- PowerShell Security
- Connectivity Security
- Application Control
This means that further critical security functions are queried at various levels. Even the best system hardening can only help to a limited extent if important standard security features are switched off on a system – and, for example, every “user” has administrative authorizations per se.
For each area there are corresponding tests, which look like this in the report:
Feedback on the “Risk Score” is implemented
With the last version, AuditTAP 5.2, we introduced a feature that brought us a lot of feedback: the Risk Score. This shows you in a comprehensible chart how good or risky your current system configuration turns out to be.
User feedback on the new RiskScore has been good, which makes us very happy. However, there have been repeated requests to include a function to deactivate the Risk Score.
We have implemented this. From now on, the Risk Score will not be displayed in the report by default. This means you have to activate it manually. This can be done via the parameter “-RiskScore”.
It will then look like this, for example:
Save-ATAPHtmlReport “Microsoft Windows 10 Complete” -RiskScore
Download of the AuditTAP 5.3
As always, you may download the new version of AuditTAP for free and use it fully in accordance with the BSD3 license. Click here to download from Github:
Do you have questions about AuditTAP? Or do you need support with (automated) system hardening? Then contact us without any obligation by sending us an email.