November 08, 2024
CIS & NIST CSF 2.0 SUPPORTED
COMPARE
ASSESSMENTS
KNOWN ISSUES
DATABASE
RBAC
MODEL
ISSUES
FIXER
CONTINUOUS
ASSESSMENT
SECID
DASHBOARD
95%
AUTOMATION
SmartProfiler-SecID Enterprise Edition can be used to perform continuous assessment and supports other features such as comparing assessment, modifying severity, maintaining security score, scheduler to run continuous assessment, multiple assessment views, RBAC Model, maintaining known issues database and so on.
SmartProfiler is not just an assessment tool, it can also be used by MSPs, MSSPs, Service Providers, IT Architects, and IT Managers, and internal IT Teams to perform assessment and generate a report. There are two assessment models available with SmartProfiler-SecID; One Time Assessment and Continuous Assessment Model. All of the CIS Benchmarks provided by CIS are supported by SmartProfiler with 95% automation rate.
When you do the assessment of technologies, it becomes important that you resolve all the issues. However, in a production environment, it might not be possible to resolve all issues. If an issue cannot be resolved due to dependency on other components or the issue requires careful consideration, then that issue can be sent to Known Issues Database in SmartProfiler.
You want to compare Assessment Views of same Tenant for same technology. For example, you can compare two Assessment Views containing M365 Assessment CIS results for a single Tenant or different Tenant. You can also compare the assessment results before and after remediation.
The RBAC Model has been designed to control viewing of results in Assessment View. For example, if you are an MSP, MSSPs, or Service Provider and would like to perform assessment for multiple customers, but want to make sure that customers can only see the Assessment Views that they are supposed to see. For example, you are managing three customers as part of managed offering and want to do assessment of their Azure and M365 Tenants. You can create assessment views for each customer and then only allow customers to see their Assessment Views.
A security score can help you understand the overall security posture of technology. For example, you can know the current and initial score for Microsoft 365 and Azure Tenants for a single or multiple customers.
Test Template are available in SmartProfiler to help you perform assessment for a technology based on the tests available in the Test Template. For example, for M365 CIS Assessment, if you would like to perform CIS Profile Level 1 assessment for a M365 Tenant then you can only select CIS Profile Level 1 tests and then create a Test Template. When creating Assessment View, you need to select the modified Test Template so only CIS Profile Level 1 tests are executed. You can create unlimited Test Templates.
SmartProfiler lets you see the tests that it executes for each technology. For example, you can see all tests SmartProfiler executes as part of the Microsoft 365 CIS Assessment. To explore the tests for a specific technology, expand Explore CIS/NIST Assessments section in the left pane, expand the technology and then click on “Assessment Requirements” node
The requirements before the assessment can be executed depend on the technology. For example, for Active Directory Assessment, SmartProfiler requires Domain Admin if there is a single AD domain running in an Active Directory Forest and Enterprise Admins if child domains in an Active Directory Forest. Similarly, for Microsoft 365 CIS Assessment, SmartProfiler supports two connection methods; STORED-CRED and Microsoft Login Prompt. When it comes to requirements for executing assessments, it depends on the destination technology. SmartProfiler lets you see the requirements and explore the tests for each technology.
SmartProfiler is not just an assessment tool, it can also be used by MSPs, MSSPs, Service Providers, IT Architects, and IT Managers, and internal IT Teams to perform assessment and generate a report. There are two assessment models available with SmartProfiler as listed below:
In SmartProfiler-SecID dashboard you can see all issues that have been identified during the assessment and also view the CIS Tests status in CIS Table View
SmartProfiler is designed to perform quick assessment in just three steps and be able to generate the reports.
SmartProfiler-SecID Enterprise Edition supports creating multiple Assessment Views.
An Assessment View contains the following attributes:
Multiple Assessment Views can be used in scenarios explained below:
You want to compare Assessment Views of same Tenant for same technology. For example, you can compare two Assessment Views containing M365 Assessment CIS results for a single Tenant or different Tenant.
The multiple Assessment Views can also be used to compare the assessment results before and after remediation. For example, you have done assessment for an Active Directory Forest and after remediation you want to run the assessment again in a different Assessment View and then would like to compare both the assessment views to see the improvement and Security Score.
When you do the assessment of technology, it becomes important that you resolve all the issues. However, in a production environment, it might not be possible to resolve all issues. If an issue cannot be resolved due to dependency on other components or the issue requires careful consideration, then that issue can be sent to Known Issues Database in SmartProfiler. When sending an issue to Known Issues Database, you are required to provide following information:
Test Template are available in SmartProfiler to help you perform assessment for a technology based on the tests available in the Test Template. For example, for M365 CIS Assessment, if you would like to perform CIS Profile Level 1 assessment for a M365 Tenant then you can only select CIS Profile Level 1 tests and then create a Test Template. When creating Assessment View, you need to select the modified Test Template so only CIS Profile Level 1 tests are executed. You can create unlimited Test Templates.
RBAC Model is available in Enterprise Edition of SmartProfiler. The RBAC Model has been designed to control viewing of results in Assessment View. For example, if you are an MSP, MSSPs, or Service Provider and would like to perform assessment for multiple customers, but want to make sure that customers can only see the Assessment Views that they are supposed to see. For example, you are managing three customers as part of managed offering and want to do assessment of their Azure and M365 Tenants. You can create assessment views for each customer and then only allow customers to see their Assessment Views. The RBAC control is available in Web App version.
A security score can help you understand the overall security posture of technology. For example, you can know the current and initial score for Microsoft 365 and Azure Tenants for single or multiple customers.
Assessment Scheduler can be utilized for continuous assessment. The Assessment Scheduler can be useful in following situations:
The Assessment Scheduler Profile can be created by going to Manage Setting and then creating a Schedule from the Schedules tab.
It is also possible to look at the existing code that SmartProfiler uses to execute a test. You can easily modify to suite your requirements. In case you need to customize Impact and Recommendation text, the SmartProfiler Enterprise Edition can be used to do so. All you need to do is go to Manage Modules and then click on a module to modify its Impact and Recommendations text.
SmartProfiler-SecID Assessment supports showing Assessment Results for CIS Test in an easily readable format. The console shows:
SmartProfiler supports all CIS Benchmarks and other technologies which are not covered by CIS and other security organizations. For example, SmartProfiler also supports Microsoft Active Directory, Azure Virtual Desktop Assessments and DHCP Server which are not available in CIS and NIST CSF 2.0 frameworks. Here is a list of technologies supported by SmartProfiler. Please note SmartProfiler provides support for both Microsoft and non-Microsoft Technologies.
Note: All of the technologies are updated every month to ensure SmartProfiler supports latest CIS benchmark.
|
Microsoft 365 CIS v4.0.0 |
Microsoft FSLogix Assessment |
Exchange Server 2016 CIS v1.0.0 |
Google Chrome CIS v3.0.0 |
Fortigate 7.0 CIS v1.3.0 |
|
Microsoft Active Directory |
InTune-iOS BYOD CIS v1.1.0 |
SharePoint Server 2019 CIS v1.0.0 |
VMWare ESXi 8.0 CIS v1.1.0 |
Apache Cassandra 4.0 CIS v1.0.0 |
|
Microsoft Azure CIS v2.1.0 |
InTune-iOS ORG CIS v1.1.0 |
Microsoft IIS 10 CIS v1.2.1 |
Ubuntu Linux 22.04 LTS CIS v2.0.0 |
Apache Tomcat 9 CIS v1.2.0 |
|
Microsoft Azure Entra ID SP v1.0 |
Windows Server 2016 CIS v3.0.0 |
Microsoft Edge CIS v3.0.0 |
Ubuntu Linux 20.04 LTS CIS v2.0.0 |
Apache HTTP Server 2.4 CIS v2.1.0 |
|
Microsoft Azure Infra SP v1.0 |
Windows Server 2019 CIS v3.0.1 |
Microsoft DHCP |
CentOS Linux 8 CIS v1.0.0.1 |
MariaDB 10.11 CIS v1.0.0 |
|
Azure Database Services CIS v1.0.0 |
Windows Server 2022 CIS v3.0.0 |
AWS Complete CIS v3.0.0 |
Debian Linux 12 CIS v1.0.1 |
F5 Networks CIS v1.0.0 |
|
Azure Compute Services CIS v1.0.0 |
Intune for Windows 10 CIS v3.0.1 |
AWS Web Services CIS v3.0.0 |
Red Hat Enterprise Linux 9 CIS v2.0.0 |
Oracle Cloud INFRA CIS v2.0.0 |
|
Azure Kubernetes Service CIS v1.5.0 |
Intune for Windows 11 CIS v3.0.1 |
AWS Compute Services CIS v1.0.0 |
NGINX CIS v2.1.0 |
Cisco IOS 17.x CIS v2.0.0 |
|
SQL Server 2019 CIS v1.4.0 |
Microsoft Windows 10 CIS v3.0.0 |
AWS Database Services CIS v1.0.0 |
Oracle Database 18c CIS v1.1.0 |
IBM Cloud CIS v1.1.0 |
|
SQL Server 2022 CIS v1.1.0 |
Microsoft Windows 11 CIS v3.0.0 |
AWS Storage Services CIS v1.0.0 |
Oracle Database 19c CIS v1.2.0 |
|
|
Microsoft AVD Assessment |
Exchange Server 2019 CIS v1.0.0 |
AWS End User Compute CIS v1.1.0 |
Google Cloud CIS v3.0.0 |
|
SmartProfiler is a Desktop Application designed to perform security, health, risk and compliance assessment of Microsoft 365, Active Directory, Azure Virtual Desktop, and other technologies supported by SmartProfiler-SecID. When performing an assessment of technologies, the SmartProfiler requires necessary permissions to the Assessment target. Microsoft 365 CIS Assessment Requirements M365 CIS Assessment support two connection methods;
Read MoreDownload SmartProfiler Quick Assessment tools for a single technology and execute assessment in just three steps!
Download NowHere’s the list of frequently asked questions we have put together for each of our products and services. In case you still have any questions or require support on our products please feel free to connect with us using the contact us form or by sending an email to Support@Microsoft-Assessment.com.
No. SmartProfiler is a ready-only assessment. SmartProfiler Assessment collects data from target tenants and then analyze the data.
No. SmartProfiler collects information in CSV files stored on SmartProfler computer.
It depends on the Assessment Technology as listed below: For Office 365 Assessment 1-2 hours to complete assessment For Active Directory 5 hours. However, it depends on how big the Active Directory environment is. For Azure Virtual Desktop 1-2 hours For Azure 1-2 hours.
SmartProfiler generates reports in Microsoft Word format. However, you can edit Impact and Recommendations for each test before generating the report.
ince report is generated in Microsoft Word format, you can brand these reports.
If you’re really looking for an Active Directory security assessment tool, download SmartProfiler and perform an assessment. This will assist you in identifying security, health, and configuration problems.
The health and misconfiguration assessment feature of SmartProfiler can be very useful in demonstrating that your environment does not use Microsoft’s suggested settings.
The best feature of SmartProfiler is that it can perform the assessment without a Global Admin account and without needing the registration of an Azure AD application. Because it only required a Global Reader Account, we were able to use the tool effectively for our clients and clients could allow us to conduct the assessment!
SmartProfiler's advanced assessment parameters really gives you insights about your Active Directory environment and make sure every risk is mitigated.