A graphical utility which utilizes EventSentry's validation scripts to compare security (and other) settings of the local host with best practices, security frameworks and compliance requirements such as NIST, STIG, CMMC and many more.
|
EventSentry can continuously evaluate all applicable validation scripts on your entire network infrastructure - automatically in the background. Extensive reporting capabilities show results in seconds, and ensure that the entire network is in compliance. |
Usage
The status bar (bottom left) will show the number of available scripts, tags and the release date of the validation scripts. Click the "Tags" button to display the list of available tags. Select one or more tags and click the "Run" button to start the verification. Individual checks can be skipped by clearing the check box. Results can be exported to a text file using the "Export" button.
Tags
To select a single tag, simply double-click the tag. Use either the CTRL or SHIFT buttons to select multiple tags and then click OK. Click the "X" button to clear the selected tags and display the scripts stats in the status bar. Tags are stored in the registry when the application is closed, and restored when the application is re-opened.
Results
Clicking the "Run" button will start the evaluation process, by launching each listed (and checked) scripts sequentially. Each script has 4 possible statuses:
•PASS
•FAIL
•WARNING
•N/A
PASS: Indicates that the test was successful and the system passed the check.
FAIL: Indicates that the current (security) settings on the host did not pass the check.
WARNING: Indicates that the test was successful and the system passed the check, but that additional steps may be necessary for full compliance.
N/A: Indicates that the check is not applicable to the local host, e.g. if the local system is a workstation but the check is for domain controllers.
The result of the check is displayed in the "Status" column and also indicated in the icon on the left side. Clicking a respective row will display details about the validation script status on the bottom of the dialog. To learn more about the check, including how to resolve a failure, either double-click the row or click the "More Information" button.
The status bar will show how many checks were successful and how many failed in the status bar, along with the overall duration of checks so far.
Export
Clicking the "Export" button will export the results to a text file, similar to the text shown below:
Time,Hostname,ID,Status,Executed,Errorlevel,Duration(s),Description
2023-10-31 20:04:27,somehost.somedomain.local,b505fc16-70d3-4275-bcc5-02fac2fdb3af,FAIL,OK,1,0,Accounts: User Account Control approval mode for the built-in Administrator must be enabled
2023-10-31 20:04:29,somehost.somedomain.local,3f0d630e-d744-450e-8e8a-6478118649fb,PASS,OK,0,0,Exploit Protection: system-level mitigation, Validate exception chains (SEHOP) must be on
2023-10-31 20:04:30,somehost.somedomain.local,bf06c136-7223-41ac-8288-e0940126a884,FAIL,OK,1,0,General: Machine inactivity limit must be set to 15 minutes or less, locking the system with the screen saver
2023-10-31 20:04:31,somehost.somedomain.local,20a8c861-e142-4e51-bf82-b0ef8bd1343c,PASS,OK,0,0,Remote Desktop Services: Must require secure Remote Procedure Call (RPC) communications
Interface
Graphical
Files
ComplianceValidator.exe
Supported Platforms
Windows