My home on the interwebs

October 17, 2017

Windows 10 Security Tools

As more organization migrate to Windows 10, Security is important as ever, here are some thoughts on Windows 10 security:

Windows defender advanced threat protection protects, investigates, detects and responds to data breaches and advanced threats on your network (Kevin beaver 2017). It provides an all-rounded post-breach protection, prevention, detection, and its ability to respond altogether within a single end to end solution. Its protection is built in the cloud as well as deep into windows. It provides the best performance in class while eliminating the need for complex infrastructures and 3rd party agents. It fuses in data science, deep OS expertise and the power of Microsoft intelligent security graph to adapt and protect the orchestrate remediation and changing threats.

Windows 10 now has a foothold in the software enterprise. It’s therefore important to learn the tools that are available for their day to day security. The rule 80/20 depicts that 80 % of the problems are created by 20% of the weaknesses. The problem mostly comes somewhere in patches, passwords and user behaviors. When vulnerabilities are found on the windows 10 system by IT, they are then sure that the same vulnerabilities exist everywhere. There are open source tools that assist the IT in understanding the systems security gaps so as to gain greater controls over the windows 10 desktops. To do this Windows 10 security tools must meet the enterprise needs.

Vulnerability testing and analysis: in windows 10 deployment management vulnerability scanners can be the company’s greatest asset. This is because they work well on the ongoing and the periodic basis for internal benefits that come between the security reviews.

Microsoft baseline security analyzer v2.3: this is a Microsoft software tool that determines the security state by assessment of the less secure security setting and the missing security updates within the Microsoft Windows, and the windows components such as the IIS Web server, internet explorer, SQL Server and Microsoft office macro settings. Vulnerability assessment also referred to as the less secure setting are evaluated based on the hard-coded set of file checks and registry. The Microsoft baseline security analyzer v2.3 is not necessarily created for windows 10 but it provides great insights into the vulnerabilities in the system. (Kevin beaver 2017)

File locator pro: mythic soft file locator pro is a search tool that is extensive enough to dig among the contents and the variety of files to find a specified piece of data. It’s available in both the 64-bit and the 32-bit versions. Its basic user interfaces consent using DOS expressions, Boolean searches, exact word matches and regular expressions to find content and particular file names within those files.  The real strength of the File locator pro is in its expert user box located upper right. By clicking it opens five more tabs with the search options which include created and last assessed dates, date ranges for the modified checking files with the hidden, search within the archived and compressed files and read-only system. It also has a help file that is well laid out, and a wizard that constructs the search terms.

Metasploit: this is penetration testing software that allows one to use the attacker’s weapons against them. It utilizes the database of exploits that is ever growing and safely stimulates real attacks on your own network then uses it to train their security team to stop and spot the real attacks. Metaspoilt pro makes it way easier in the collection and the sharing of the information required in in the conduct of an efficient and successful penetration test. (Microsoft ,2017)

Netscantools pro: this  according to Microsoft (2017)  is an assimilated collection of internet information network and gathering utilities for research IPv4  addresses, network professionals, IPv6 addresses, domain names, hostnames, email addresses and manual tools.

Nessus vulnerability scanner: also referred as expose. It specializes in the vulner5ability assessment and continuous monitoring of the products. The Nessus vulnerability scanners line of products includes Nessus manager which is an on-premises virtual and physical appliances for the management of the vulnerability, Nessus cloud a service offering software, Nessus professional which is a software that runs on the laptops or the clients device, and Nessus home a free version that’s aimed for consumer use. Other than vulnerability scanning Nessus includes cloud environment, web application, and mobile device scanning. It also provides auditing of control systems, malware detection, compliance checks and configuration auditing.

Soft perfect network scanner: this is a universal IPV6/IPV4 scanner with an extensive range of advanced features and options for general users and system administrators that have interest in computer security. It scans ports, pings computers has flexible filtering, it discovers shared folders and has display options it can easily retrieve any information concerning network devices through SNMP, WMI, HTTP and PowerShell. It also scans registry, remote service files and performance counters latter transporting the results either through JSON and XML Kevin beaver (2017)

 

~Michael Goetzman

 

References

Microsoft (2017) intelligent security retrieved from

https://www.microsoft.com/en-us/windowsforbusiness/windows-security

Kevin beaver (2017) Windows 10 security tools to have handy retrieved from

http://searchenterprisedesktop.techtarget.com/tip/Windows-10-security-tools-to-have-handy