Security Audit Report
Product Name: Security Audit Report
Description : UPDATED: 8/16/2019! - Now with more accurate BitLocker script.
One Report and six Agent Procedures to get a good overview on the following:
1. Antivirus inventory
2. Antimalware inventory
3. Installed antivirus and antimalware products including version and if it is up to date
4. Guest account status on endpoints
5. The status of SMB1 on endpoints
6. The status of machines that have USB mass storage allowed or disabled
7. Secure Boot for UEFI status
8. File table overview and list any endpoints with insecure file tables
9. Endpoint BitLocker status
10. Endpoint Firewall status
11. A list of VSA users their last login and their Roles and Scopes
12. A list of all local admins on each endpoint
13. A list of all network shares on every endpoint
In this new version the scripts have been improved, an additional test has been added, older non functioning scripts have been removed, the report has been tweaked to be more relevant, and some bugs have been fixed. Also, I removed the Software Management section and am adding that to the Automation Exchange as a separate download.
The Agent Procedures included with the import will document all data to the asset in custom fields.
This pack should help get you on your way to build your own agent procedures, custom fields, and report parts relevant to your business.
NOTE: It is important to create the Custom Fields first and if you are using VSA version 9.5 or higher then it should automatically map the fields in each Agent Procedures. Otherwise you may have to edit the agent procedures and point certain commands to the custom fields.
*** It may be best to review the Agent Procedures before running them just in case a field doesn't map correctly and overwrites the data in an existing field that you may be using for something else.
Login to VSA and go to System > Server Management > Import Center to import the XML file in the ZIP file.
Documentation is included in the ZIP file. It is important to create the Custom Fields first and if you are using VSA version 188.8.131.52 or later the system should automatically map the fields in each Agent Procedure. Otherwise, you may have to edit the agent procedures and point certain commands to the custom fields. This is a dropdown in the commands in the Agent Procedures.
This will import one report and six agent procedures.
- Security Audit Report
- Audit - BitLocker Status / Key Retrieval 2.0
- Audit - Check SMB1 Status
- Audit - Check USB Mass Storage Status
- Audit - Check UEFI Status
- Audit - Firewall (Domain, Private, and Public)
- Audit - Guest Account Status Check