SmartProfiler is a single application which can be used to perform security and compliance assessment of your complete IT Infrastructure.
SmartProfiler assessment checks for technologies have been designed by leveraging security frameworks such as CIS, NIST CSF 2.0, STIG, MITRE and ANSSI.
SmartProfiler provides support for both Microsoft and non-Microsoft technologies such as AWS, Google Cloud, Ubuntu, Apache, Oracle Database, etc.
There is no need to install multiple copies of SmartProfiler for performing assessment of technologies. Single application supports assessment of multiple technologies.
SmartProfiler is a single application designed to support multiple Microsoft and Non-Microsoft Technologies. You can use our SmartProfiler CIS Benchmark Assessment for all of the technologies listed below to perform an automated assessment and generate a detailed report.
Technology | Description | Last Updated | Services/Components Covered | Supported Frameworks |
Microsoft 365 CIS v3.1.0 | Performs CIS v3.1.0 assessment for M365 Tenants and also includes additional tests. Additional tests are recommended for M365 environments. | 10-25-2024 | SharePoint, ExchangeOnline, Teams, OneDrive, Defender, and other M365 components. | CIS, NIST, STIG |
Microsoft Active Directory | Performs Assessment based on MITRE, ANSSI, and CIS Frameworks. Also includes tests recommended by STIG and NIST. | 10-25-2024 | Multiple AD Domains and all Domain Controllers in an AD Forest | CIS, NIST, MITRE, ANSSI |
Microsoft Azure CIS v2.1.0 | Performs complete assessment of Azure Tenants including Storage, Compute, AKS, other CIS Benchmarks in a single Azure Assessment. | 10-25-2024 | Database, Storage, Compute, Entra ID, Azure Infra, AKS. – Covers all other Azure CIS Assessments. | CIS, NIST, STIG |
Microsoft Azure Entra ID SP v1.0 | Performs only Entra ID Assessment for an Azure Tenant | 10-25-2024 | Covers only Azure Entra ID | CIS, NIST, STIG |
Microsoft Azure Infra SP v1.0 | Performs Microsoft Azure-Infra Assessment including checking SSO in on-prem Active Directory | 10-25-2024 | Covers Azure Infra, SSO, and On-Prem Active Directory Tests related to SSO | CIS, NIST, STIG |
Azure Database Services CIS v1.0.0 | Performs Database Asssessment for Azure Tenants | 10-25-2024 | Covers only Azure Database including MySQL, Postgres | CIS, NIST, STIG |
Azure Compute Services CIS v1.0.0 | Performs complete assessment for Azure Compute Environment | 10-25-2024 | Covers only Azure Compute including Virtual Machines and other Compute Resources | CIS, NIST, STIG |
Azure Kubernetes Service CIS v1.5.0 | Performs AKS Assessment for Azure Tenants | 10-25-2024 | Azure AKS Service | CIS, NIST, STIG |
SQL Server 2019 CIS v1.4.0 | Performs CIS Assessment for SQL Servers running 2019. Unlimited SQL Instances are supported. | 10-25-2024 | SQL Server 2019 | CIS, NIST, STIG |
SQL Server 2022 CIS v1.1.0 | Performs CIS Assessment for SQL Servers running 2022. Unlimited SQL Instances are supported. | 10-25-2024 | SQL Server 2022 | CIS, NIST, STIG |
Microsoft AVD Assessment | Performs VDI Assessment to improve performance of AVD Environment. Unlimited Host Pools are supported. | 10-25-2024 | Azure AVD Tenant. | CIS, NIST, STIG |
Microsoft FSLogix Assessment | Performs FSLogix Assessment to improve performance of AVD Environment. | 10-25-2024 | FSLogix Current Versions | CIS, NIST, STIG |
InTune-iOS BYOD CIS v1.1.0 | Performs CIS InTune Assessment for iOS Unmanaged Devices (non-Corporate Devices). | 10-25-2024 | iOS Devices | CIS, NIST, STIG |
InTune-iOS ORG CIS v1.1.0 | Performs CIS InTune Assessment for iOS Managed Devices (Corporate Devices). | 10-25-2024 | iOS Devices | CIS, NIST, STIG |
Windows Server 2016 CIS v3.0.0 | Performs CIS Assessment for Windows Server 2016. | 10-25-2024 | Domain Controllers Member Servers | CIS, NIST, STIG |
Windows Server 2019 CIS v3.0.1 | Performs CIS Assessment for Windows Server 2019. | 10-25-2024 | Domain Controllers Member Servers | CIS, NIST, STIG |
Windows Server 2022 CIS v3.0.0 | Performs CIS Assessment for Windows Server 2022. | 10-25-2024 | Domain Controllers Member Servers | CIS, NIST, STIG |
Intune for Windows 10 CIS v3.0.1 | Performs CIS Assessment for Windows 10. Can check Windows 10 InTune Settings Status on multiple computers. Maximum five targets are supported. | 10-25-2024 | Domain Joined Machines | CIS, NIST, STIG |
Intune for Windows 11 CIS v3.0.1 | Performs CIS Assessment for Windows 11. Can check Windows 11 InTune Settings Status on multiple computers. Maximum five targets are supported. | 10-25-2024 | Domain Joined Machines | CIS, NIST, STIG |
Microsoft Windows 10 CIS v3.0.0 | Performs CIS Assessment for Windows 10. Can check Windows 10 AD GPO Settings Status on multiple computers. Maximum five targets are supported. | 10-25-2024 | Domain Joined Machines | CIS, NIST, STIG |
Microsoft Windows 11 CIS v3.0.0 | Performs CIS Assessment for Windows 11. Can check Windows 11 AD GPO Settings Status on multiple computers. Maximum five targets are supported. | 10-25-2024 | Domain Joined Machines | CIS, NIST, STIG |
Exchange Server 2016 CIS v1.0.0 | Performs CIS Assessment for Exchange Server running 2016 in On-Prem. | 10-25-2024 | Exchange Servers. Unlimited Exchange Servers are supported. | CIS, NIST, STIG |
Exchange Server 2019 CIS v1.0.0 | Performs CIS Assessment for Exchange Server running 2019 in On-Prem. | 10-25-2024 | Exchange Servers. Unlimited Exchange Servers are supported. | CIS, NIST, STIG |
SharePoint Server 2019 CIS v1.0.0 | RETIRING-Q1-2025 | 10-25-2024 | RETIRING-Q1-2025 | CIS, NIST, STIG |
Microsoft IIS 10 CIS v1.2.1 | Performs CIS Assessment on multiple IIS Servers. | 10-25-2024 | IIS Servers runing 10 or lower versions. Unlimited IIS Servers are supported. | CIS, NIST, STIG |
Microsoft Edge CIS v3.0.0 | Performs CIS Assessment for Edge Browser on multiple Computers. | 10-25-2024 | Edge Browser | CIS, NIST, STIG |
Microsoft DHCP | Performs DHCP Assessment which includes executing custom tests designed for DHCP Environments. | 10-25-2024 | All DHCP Servers joined to Active Directory Forest. Unlimited DHCP Servers are supported. | CIS, NIST, STIG |
Google Chrome CIS v3.0.0 | Can check CIS Settings for Google Chrome on destination computers. | 10-25-2024 | Chrome Browser | CIS, NIST, STIG |
AWS Complete CIS v3.0.0 | Performs complete assessment of Amazon Services including other AWS CIS Assessments in a single AWS Assessment Package. Also includes RDS tests recommended by AWS Experts. | 10-25-2024 | Web Services CIS 3.0.0, Compute Services CIS 1.0.0, Database Services CIS 1.0.0 and Storage Services CIS 1.0.0 | CIS, NIST, STIG |
AWS Web Services CIS v3.0.0 | Performs complete assessment of Amazon Web Services Component. | 10-25-2024 | AWS Web Service Component | CIS, NIST, STIG |
AWS Compute Services CIS v1.0.0 | Performs complete assessment of Amazon Compute Services Component. | 10-25-2024 | AWS Compute Component | CIS, NIST, STIG |
AWS Database Services CIS v1.0.0 | Performs complete assessment of Amazon Database Services Component. | 10-25-2024 | AWS Database Component | CIS, NIST, STIG |
AWS Storage Services CIS v1.0.0 | Performs complete assessment of Amazon Storage Services Component. | 10-25-2024 | AWS Storage Component | CIS, NIST, STIG |
AWS End User Compute CIS v1.1.0 | Performs complete assessment of Amazon End User Compute including Workspace. | 10-25-2024 | AWS End User Workspace | CIS, NIST, STIG |
VMWare ESXi 8.0 CIS v1.1.0 | Perform complete assessment as per Vmware CIS v1.1.0 and other tests included. | 10-25-2024 | ESXi 8.0 and earlier hosts running in a vCenter. | CIS, NIST, STIG |
Ubuntu Linux 22.04 LTS CIS v2.0.0 | Perform complete assessment of Ubuntu Linux Systems. Unlimited Ubuntu Systems are suported. | 10-25-2024 | Ubuntu Linux 22.04 suported | CIS, NIST, STIG |
Ubuntu Linux 20.04 LTS CIS v2.0.0 | Perform complete assessment of Ubuntu Linux Systems. Unlimited Ubuntu Systems are suported. | 10-25-2024 | Ubuntu Linux 20.04 suported | CIS, NIST, STIG |
CentOS Linux 8 CIS v1.0.0.1 | Perform complete assessment of CentOS Linux Systems. Unlimited CentOS Systems are suported. | 10-25-2024 | CentOS Linux suported | CIS, NIST, STIG |
Debian Linux 12 CIS v1.0.1 | Perform complete assessment of Debian Linux Systems. Unlimited Debian Systems are suported. | 10-25-2024 | Debian Linux suported | CIS, NIST, STIG |
Red Hat Enterprise Linux 9 CIS v2.0.0 | Performs Complete assessment as per CIS Benchmark. | 10-25-2024 | Red Hat | CIS, NIST, STIG |
NGINX CIS v2.1.0 | Performs Complete assessment as per CIS Benchmark. | 10-25-2024 | NGINX CIS | CIS, NIST, STIG |
Oracle Database 18c CIS v1.1.0 | Performs Complete assessment as per CIS Benchmark. | 10-25-2024 | Oracle Database | CIS, NIST, STIG |
Oracle Database 19c CIS v1.2.0 | Performs Complete assessment as per CIS Benchmark. | 10-25-2024 | Oracle Database | CIS, NIST, STIG |
Google Cloud CIS v3.0.0 | Performs Complete assessment as per CIS Benchmark. | 10-25-2024 | Google Cloud | CIS, NIST, STIG |
Fortigate 7.0 CIS v1.3.0 | Performs Complete assessment as per CIS Benchmark. Fortigate Health Check is also supported. | 10-25-2024 | Fortigate supported | CIS, NIST, STIG |
Apache Cassandra 4.0 CIS v1.0.0 | Performs Complete assessment as per CIS Benchmark. | 10-25-2024 | Apache Cassandra | CIS, NIST, STIG |
Apache Tomcat 9 CIS v1.2.0 | Performs Complete assessment as per CIS Benchmark. | 10-25-2024 | Apache Tomcat | CIS, NIST, STIG |
Apache HTTP Server 2.4 CIS v2.1.0 | Performs Complete assessment as per CIS Benchmark. | 10-25-2024 | Apache HTTP | CIS, NIST, STIG |
MariaDB 10.11 CIS v1.0.0 | Performs Complete assessment as per CIS Benchmark. | 10-25-2024 | MariaDB 10.11 CIS | CIS, NIST, STIG |
F5 Networks CIS v1.0.0 | Performs Complete assessment as per CIS Benchmark. | 10-25-2024 | F5 Networks | CIS, NIST, STIG |
Oracle Cloud INFRA CIS v2.0.0 | Performs Complete assessment as per CIS Benchmark. | 10-25-2024 | Oracle Cloud | CIS, NIST, STIG |
Cisco IOS 17.x CIS v2.0.0 | Performs Complete assessment as per CIS Benchmark. | 10-25-2024 | Cisco IOS | CIS, NIST, STIG |
IBM Cloud CIS v1.1.0 | Performs Complete assessment as per CIS Benchmark. | 10-25-2024 | IBM Cloud | CIS, NIST, STIG |
Every technology is compatible with test cases created by ANSSI, MITRE, CIS, STIG, NIST CSF 2.0, and SmartProfiler tests. Our technology professionals use the evaluations we have completed for clients worldwide as a source of knowledge when designing SmartProfiler tests.
It’s crucial to carry out an advanced assessment before purchasing any monitoring software for Microsoft Active Directory to make sure the tool can keep an eye on all the problems the assessment tool finds—something the SmartProfiler for Active Directory does! Not every assessment tool examines every facet of Active Directory environments. SmartProfiler is designed to uncover issues in On-Premises Active Directory.
Objective is to check all Active Directory Components to ensure they are configured correctly and there is no security risks.
ANSSI, MITRE, MS-RECOMMENDED, CIS
324 Tests from ANSSI, MITRE, Microsoft and CIS
SmartProfiler for Microsoft 365 Assessment is an automated Health & Risk assessment solution to help you significantly improve your Microsoft 365 ecosystem health & security posture. SmartProfiler for Microsoft 365 Assessment follows CIS-Workbench controls (Version 3.1.0) and other tests designed by our Microsoft 365 experts. Services covered: MSOnline, EXO, Teams, SharePoint, OneDrive, and Azure AD.
The Microsoft 365 CIS Assessment is a security evaluation designed to help organizations assess their Microsoft 365 environment against the Center for Internet Security (CIS) Microsoft 365 Security Benchmark. This benchmark provides a set of security best practices to ensure the proper configuration and protection of Microsoft 365 services, helping organizations mitigate risks and safeguard sensitive data in a cloud-based, collaborative environment.
The assessment focuses on several key areas:
By conducting the Microsoft 365 CIS Assessment, organizations can identify gaps in their security posture, implement recommended best practices, and ensure that their Microsoft 365 environment is securely configured. This proactive assessment helps reduce the risk of security breaches, improve data protection, and align Microsoft 365 deployments with industry-leading security standards, ensuring a safe and compliant environment for collaboration and productivity.
Objective is to check all Microsoft 365 Services including SharePoint, ExchangeOnline, OneDrive, Teams, Defender and other services.
CIS, NIST
219 Tests from CIS and SmartProfiler tests designed by our M365 Experts.
The Azure CIS Assessment is a security evaluation designed to help organizations assess their Azure environments against the Center for Internet Security (CIS) Azure Foundations Benchmark. This benchmark provides a set of best practices and security controls that ensure the safe and compliant configuration of Azure resources. By conducting this assessment, organizations can identify vulnerabilities, improve security posture, and mitigate risks associated with misconfigurations and non-compliance with industry standards.
The assessment covers key security areas, including:
Through this structured assessment, organizations can achieve better visibility into their Azure infrastructure, improve security controls, and align with the best practices recommended by CIS for cloud environments. SmartProfiler for Azure CIS Assessment offers automated assessment and detailed reporting with impact and recommendations to fix this issues.
Objective is to check all Azure Services including Infrastructure, Compute, Storage, Database and End User Computing.
CIS, NIST
279 Tests from CIS and SmartProfiler tests designed by our Azure Experts.
The Azure Entra ID CIS Assessment is a security evaluation designed to help organizations assess their Azure Active Directory (Azure AD) environment against the Center for Internet Security (CIS) Azure AD Security Benchmark. This benchmark outlines a set of best practices and security controls to ensure the secure configuration of identity and access management in Azure AD, helping organizations protect their users, applications, and sensitive data from unauthorized access and potential security threats.
The assessment focuses on several key areas:
By conducting the Azure Entra ID CIS Assessment, organizations can identify security gaps, mitigate risks associated with misconfigurations, and ensure their Azure AD environment aligns with industry-leading security practices. This proactive approach helps safeguard the identity management infrastructure, reduce the attack surface, and strengthen overall security posture in Azure Active Directory environments.
Objective is to check all Microsoft 365 Services including SharePoint, ExchangeOnline, OneDrive, Teams, Defender and other services.
CIS, NIST
219 Tests from CIS and SmartProfiler tests designed by our M365 Experts.
The InTune iOS CIS Assessment is a security evaluation designed to help organizations assess their Microsoft Intune configuration for iOS devices against the Center for Internet Security (CIS) Mobile Device Security Benchmark for iOS. This benchmark provides a set of best practices to ensure that iOS devices managed through Intune are securely configured, compliant with industry standards, and protected against security threats.
The assessment focuses on the following key areas:
By conducting the InTune iOS CIS Assessment, organizations can evaluate and strengthen their device management posture, ensure their iOS devices meet CIS security standards, and reduce the risk of security breaches, data loss, or unauthorized access. This proactive approach helps organizations enforce consistent security practices and maintain control over their mobile device environment.
Objective is to check:
CIS, NIST
61 Tests from CIS and SmartProfiler tests designed by our M365 Experts.
The CIS (Center for Internet Security) Microsoft IIS Server Benchmark provides a set of best practices to secure Internet Information Services (IIS) servers. This assessment focuses on ensuring that IIS configurations are hardened against vulnerabilities, mitigating risks related to unauthorized access, data breaches, and system misconfigurations. The key areas covered include:
Account and Authentication Management: Ensuring strong authentication methods, enforcing password policies, and managing user permissions properly.
Configuration Settings: Securing HTTP response headers, disabling unnecessary modules, and configuring appropriate logging settings to monitor access and activities.
File and Directory Permissions: Implementing least privilege access, securing sensitive files and directories, and ensuring proper access controls to prevent unauthorized data exposure.
Patch Management: Regularly applying security patches to both IIS and underlying operating systems to protect against known vulnerabilities.
Audit and Monitoring: Setting up logging, enabling detailed auditing, and ensuring that logs are reviewed for signs of suspicious activity.
Following the CIS Benchmark for IIS can significantly reduce the attack surface of web servers, helping organizations maintain a more secure environment and comply with industry best practices and regulatory requirements.
Objective is to check all IIS Server Settings according to CIS Benchmark recommended for Microsoft IIS environments. Multiple IIS Servers are supported.
CIS, NIST
219 Tests from CIS and SmartProfiler tests designed by our M365 Experts.
The CIS VMware ESXi 8.0 Benchmark v1.1.0 provides a comprehensive set of best practices to secure VMware ESXi hosts, focusing on hardening the underlying virtualization platform. This assessment is designed to reduce vulnerabilities, strengthen configurations, and mitigate risks in virtualized environments. Key areas of focus in the CIS assessment include:
Host Configuration: Ensuring the ESXi host is configured with secure settings, such as enabling lockdown mode, using strong passwords, and disabling unnecessary services.
Access Control: Implementing least-privilege access policies, enforcing multi-factor authentication (MFA), and managing user roles and permissions to minimize the risk of unauthorized access.
Network Security: Securing network traffic by using VLANs, firewalls, and encrypting sensitive data. It also recommends disabling unused network adapters and ports.
Logging and Auditing: Ensuring that audit logs are enabled and protected to detect and investigate any suspicious activities. It also includes setting up centralized logging for better monitoring and compliance.
Patch Management: Regularly applying security patches and updates to the ESXi host to protect against known vulnerabilities and exploits.
Security Monitoring: Implementing intrusion detection systems (IDS) and security monitoring tools to actively identify and mitigate threats within the virtualized infrastructure.
By adhering to the CIS VMware ESXi 8.0 v1.1.0 Benchmark, organizations can ensure that their ESXi hosts are securely configured, reducing the risk of breaches and maintaining a robust, compliant virtualized environment.
Objective is to check all CIS Settings recommended for ESXi hosts. Multiple ESXi Hosts are supported.
CIS, NIST
219 Tests from CIS and SmartProfiler tests designed by our M365 Experts.
The AWS Complete CIS v3.0.0 Assessment refers to a comprehensive evaluation of an AWS environment based on the Center for Internet Security (CIS) AWS Foundations Benchmark, version 3.0.0. This benchmark provides a set of best practices to secure AWS environments, focusing on key areas such as identity and access management, logging, monitoring, networking, and data protection.
By performing a CIS assessment, organizations can systematically review their AWS configurations to identify gaps, enhance security, and reduce risks. The assessment process typically includes automated checks, manual reviews, and alignment with CIS recommendations to ensure that cloud resources are secure, compliant, and follow industry best practices.
This process is crucial for improving the overall security posture of AWS environments, ensuring compliance with regulatory standards, and mitigating potential vulnerabilities.
Objective is to check all CIS Settings recommended for Amazon Web Services.
CIS, NIST
279 Tests from CIS and SmartProfiler tests designed by our AWS Security Experts.
Copyright © DynamicPacks Technologies