Microsoft Security Assessment Tool – Free for Windows

Outsmart Malicious Hackers


The Microsoft Security Assessment Tool (MSAT) is a free tool designed to help organizations like yours assess weaknesses in your current IT security environment, reveal a prioritized list of issues, and help provide specific guidance to minimize those risks. MSAT is an easy, cost-effective way to begin strengthening the security of your computing environment and your business. Begin the process by taking a snapshot of your current security state, and then use MSAT to continuously monitor your infrastructure’s ability to respond to security threats

Understanding Your Risks

MSAT is designed to help you identify and address security risks in your IT environment. The tool employs a holistic approach to measuring your security posture and covers topics including people, process, and technology.

MSAT provides:

  • Easy to use, comprehensive, and continuous security awareness
  • A defense-in-depth framework with industry comparative analysis
  • Detailed, ongoing reporting comparing your baseline to your progress
  • Proven recommendations and prioritized activities to improve security
  • Structured Microsoft and industry guidance

MSAT consists of over 200 questions covering infrastructure, applications, operations, and people. The questions, associated answers, and recommendations are derived from commonly accepted best practices, standards such as ISO 17799 and NIST-800.x, as well as recommendations and prescriptive guidance from the Microsoft Trustworthy Computing Group and other external security sources.

You can download MSAT here:

MSATEnglish 4.0

Or read more here.

Posted in: Countermeasures, Security Software, Windows Hacking

, , ,


Latest Posts:


StaCoAn - Mobile App Static Analysis Tool StaCoAn – Mobile App Static Analysis Tool
StaCoAn is a cross-platform tool which aids developers, bug bounty hunters and ethical hackers performing mobile app static analysis on the code of the application for both native Android and iOS applications.
snallygaster - Scan For Secret Files On HTTP Servers snallygaster – Scan For Secret Files On HTTP Servers
snallygaster is a Python-based tool that can help you to scan for secret files on HTTP servers, files that are accessible that shouldn't be public and can pose a s
Portspoof - Spoof All Ports Open & Emulate Valid Services Portspoof – Spoof All Ports Open & Emulate Valid Services
The primary goal of the Portspoof program is to enhance your system security through a set of new camouflage techniques which spoof all ports open and also emulate valid services on every port.
Cambridge Analytica Facebook Data Scandal Cambridge Analytica Facebook Data Scandal
One of the biggest stories of the year so far has been the scandal surrounding Cambridge Analytica that came out after a Channel 4 expose that demonstrated the depths they are willing to go to profile voters, manipulate elections and much more.
GetAltName - Discover Sub-Domains From SSL Certificates GetAltName – Discover Sub-Domains From SSL Certificates
GetAltName it's a little script to discover sub-domains that can extract Subject Alt Names for SSL Certificates directly from HTTPS websites which can provide you with DNS names or virtual servers.
Memcrashed - Memcached DDoS Exploit Tool Memcrashed – Memcached DDoS Exploit Tool
Memcrashed is a Memcached DDoS exploit tool written in Python that allows you to send forged UDP packets to a list of Memcached servers obtained from Shodan.


Comments are closed.