Sleuthing Out Microsoft Vulnerabilities with SecurityExpressions

Filed under: SecurityExpressions Monitoring, Best Practices

Submitted by erikw on 27 March, 2007 - 12:08.

Did you know that in SecurityExpressions there is a rule that scans for all known Microsoft vulnerabilities? Needless to say, functionality like this can help make your network more robust (and your job more secure).

The tool can be placed as a rule in the self-audit section of the SecurityExpressions server.

After creating the rule, you can go to the self-audit Web page on the server.

The tool has a pre-configured rule that automatically checks for all last known vulnerabilities.

After going to the self-audit page, there is an active X component is downloaded to your machine, and the tool does its checking.

The check creates a list of vulnerabilities on the PC in question. You can click the failures it lists and see solutions to your specific vulnerability problems.

SecurityExpressions is a good stable product that gives you lots of scanning possibilities to help you develop a secure environment.

regards
Erik
www.svs4u.nl

Average:

Average: 3.7 (15 votes)

Login or register to post comments
3242 reads
Printer-friendly version

A Sweet Tip

Submitted by trb48 on 28 March, 2007 - 06:12.

This is a really cool tip, thanks for the update!

How often is SecurityExpressions updated (i.e. monthly, yearly?) That really determines the usefulness to me.

Thanks,

-trb48

Updates

Submitted by erikw on 28 March, 2007 - 08:02.

I'm not sure how often it is updated. The rules that I use can be found on the Altiris website. That is available by the Security Expressions configuration.

I really love it.

It is a great tool.

regards
erik

Uses Info from MS

Submitted by Kevin Millecam on 28 March, 2007 - 09:16.

Since SecurityExpressions loads an ActiveX control to perform this audit I bet the vulnerability checks come from Microsoft.

So (just guessing here) it would appear that the checks would always be accurate regardless of how often SecurityExpressions is updated.

Can any of you SecurityExpressions gurus fill in the blanks for us?

Not Microsoft

Submitted by erikw on 28 March, 2007 - 09:56.

No, The rules are not coming from Microsoft.

The results are not always ok. Most scans I did are definitely not ok.

Yes, I am not a real Microsoft lover, but because of the problems they cause with their 'very good' software (did you notice the quotation marks) I and many of us on the Juice have a good job, and enjoy rebuilding MS apps and OS.

regards
erik

Navigation

Security & Compliance

You must register/login in order to post into this group.

Top Contributors: 1 week

User	Points
erikw	1,937
stuper	600
Siddram	590
Joel Smith	570
dr012312	525
Terry Cutler	501
Antonp	500
ziggy	500
MattP	500
gharrison	375

User	Points
Joel Smith	47,018
trb48	20,674
erikw	19,645
Terry Cutler	17,221
Screenbert	15,414
R-Vijay	13,338
CondorMan	13,197
Jordan	12,940
ianatkin	12,704
riva11	10,924

Application Packaging

Asset & CMDB

Dell | Altiris

Deployment & Migration

Endpoint Virtualization

Ghost Solution Suite

Helpdesk Solution

HP | Altiris

Intel | Altiris

Security & Compliance

Workflow Solution

Active forum topics

Upcoming events

RSS :: Security & Compliance

Sleuthing Out Microsoft Vulnerabilities with SecurityExpressions

A Sweet Tip

Updates

Uses Info from MS

Not Microsoft

Navigation

Security & Compliance

Related Reading

Recent comments

Top Contributors: 1 week

Top Contributors

Who's online

Online users