Quickly Assess Environment Settings

SmartProfiler is a single application which can be used to perform security and compliance assessment of your complete IT Infrastructure.

CIS, NIST CSF 2.0, STIG

SmartProfiler assessment checks for technologies have been designed by leveraging security frameworks such as CIS, NIST CSF 2.0, STIG, MITRE and ANSSI.

Supports Multiple Technologies

SmartProfiler provides support for both Microsoft and non-Microsoft technologies such as AWS, Google Cloud, Ubuntu, Apache, Oracle Database, etc.

Supports Adding Multiple Tenants

There is no need to install multiple copies of SmartProfiler to assess different technologies. A single application supports assessment of multiple technologies.

SmartProfiler CIS Benchmark Assessment

SmartProfiler is a single application designed to support multiple Microsoft and Non-Microsoft Technologies. You can use our SmartProfiler CIS Benchmark Assessment for all of the technologies listed below to perform an automated assessment and generate a detailed report.

| Technology | Description | Last Updated | Services/Components Covered | Supported Frameworks |
|---|---|---|---|---|
| Microsoft 365 CIS v3.1.0 | Performs CIS v3.1.0 assessment for M365 Tenants and also includes additional tests. Additional tests are recommended for M365 environments. | 10-25-2024 | SharePoint, ExchangeOnline, Teams, OneDrive, Defender, and other M365 components. | CIS, NIST, STIG |
| Microsoft Active Directory | Performs Assessment based on MITRE, ANSSI, and CIS Frameworks. Also includes tests recommended by STIG and NIST. | 10-25-2024 | Multiple AD Domains and all Domain Controllers in an AD Forest | CIS, NIST, MITRE, ANSSI |
| Microsoft Azure CIS v2.1.0 | Performs complete assessment of Azure Tenants including Storage, Compute, AKS, other CIS Benchmarks in a single Azure Assessment. | 10-25-2024 | Database, Storage, Compute, Entra ID, Azure Infra, AKS. Covers all other Azure CIS Assessments. | CIS, NIST, STIG |
| Microsoft Azure Entra ID SP v1.0 | Performs only Entra ID Assessment for an Azure Tenant | 10-25-2024 | Covers only Azure Entra ID | CIS, NIST, STIG |
| Microsoft Azure Infra SP v1.0 | Performs Microsoft Azure-Infra Assessment including checking SSO in on-prem Active Directory | 10-25-2024 | Covers Azure Infra, SSO, and On-Prem Active Directory Tests related to SSO | CIS, NIST, STIG |
| Azure Database Services CIS v1.0.0 | Performs Database Assessment for Azure Tenants | 10-25-2024 | Covers only Azure Database including MySQL, Postgres | CIS, NIST, STIG |
| Azure Compute Services CIS v1.0.0 | Performs complete assessment for Azure Compute Environment | 10-25-2024 | Covers only Azure Compute including Virtual Machines and other Compute Resources | CIS, NIST, STIG |
| Azure Kubernetes Service CIS v1.5.0 | Performs AKS Assessment for Azure Tenants | 10-25-2024 | Azure AKS Service | CIS, NIST, STIG |
| SQL Server 2019 CIS v1.4.0 | Performs CIS Assessment for SQL Servers running 2019. Unlimited SQL Instances are supported. | 10-25-2024 | SQL Server 2019 | CIS, NIST, STIG |
| SQL Server 2022 CIS v1.1.0 | Performs CIS Assessment for SQL Servers running 2022. Unlimited SQL Instances are supported. | 10-25-2024 | SQL Server 2022 | CIS, NIST, STIG |
| Microsoft AVD Assessment | Performs VDI Assessment to improve performance of AVD Environment. Unlimited Host Pools are supported. | 10-25-2024 | Azure AVD Tenant. | CIS, NIST, STIG |
| Microsoft FSLogix Assessment | Performs FSLogix Assessment to improve performance of AVD Environment. | 10-25-2024 | FSLogix Current Versions | CIS, NIST, STIG |
| InTune-iOS BYOD CIS v1.1.0 | Performs CIS InTune Assessment for iOS Unmanaged Devices (non-Corporate Devices). | 10-25-2024 | iOS Devices | CIS, NIST, STIG |
| InTune-iOS ORG CIS v1.1.0 | Performs CIS InTune Assessment for iOS Managed Devices (Corporate Devices). | 10-25-2024 | iOS Devices | CIS, NIST, STIG |
| Windows Server 2016 CIS v3.0.0 | Performs CIS Assessment for Windows Server 2016. | 10-25-2024 | Domain Controllers, Member Servers | CIS, NIST, STIG |
| Windows Server 2019 CIS v3.0.1 | Performs CIS Assessment for Windows Server 2019. | 10-25-2024 | Domain Controllers, Member Servers | CIS, NIST, STIG |
| Windows Server 2022 CIS v3.0.0 | Performs CIS Assessment for Windows Server 2022. | 10-25-2024 | Domain Controllers, Member Servers | CIS, NIST, STIG |
| Intune for Windows 10 CIS v3.0.1 | Performs CIS Assessment for Windows 10. Can check Windows 10 InTune Settings Status on multiple computers. Maximum five targets are supported. | 10-25-2024 | Domain Joined Machines | CIS, NIST, STIG |
| Intune for Windows 11 CIS v3.0.1 | Performs CIS Assessment for Windows 11. Can check Windows 11 InTune Settings Status on multiple computers. Maximum five targets are supported. | 10-25-2024 | Domain Joined Machines | CIS, NIST, STIG |
| Microsoft Windows 10 CIS v3.0.0 | Performs CIS Assessment for Windows 10. Can check Windows 10 AD GPO Settings Status on multiple computers. Maximum five targets are supported. | 10-25-2024 | Domain Joined Machines | CIS, NIST, STIG |
| Microsoft Windows 11 CIS v3.0.0 | Performs CIS Assessment for Windows 11. Can check Windows 11 AD GPO Settings Status on multiple computers. Maximum five targets are supported. | 10-25-2024 | Domain Joined Machines | CIS, NIST, STIG |
| Exchange Server 2016 CIS v1.0.0 | Performs CIS Assessment for Exchange Server running 2016 in On-Prem. | 10-25-2024 | Exchange Servers. Unlimited Exchange Servers are supported. | CIS, NIST, STIG |
| Exchange Server 2019 CIS v1.0.0 | Performs CIS Assessment for Exchange Server running 2019 in On-Prem. | 10-25-2024 | Exchange Servers. Unlimited Exchange Servers are supported. | CIS, NIST, STIG |
| SharePoint Server 2019 CIS v1.0.0 | RETIRING-Q1-2025 | 10-25-2024 | RETIRING-Q1-2025 | CIS, NIST, STIG |
| Microsoft IIS 10 CIS v1.2.1 | Performs CIS Assessment on multiple IIS Servers. | 10-25-2024 | IIS Servers running 10 or lower versions. Unlimited IIS Servers are supported. | CIS, NIST, STIG |
| Microsoft Edge CIS v3.0.0 | Performs CIS Assessment for Edge Browser on multiple Computers. | 10-25-2024 | Edge Browser | CIS, NIST, STIG |
| Microsoft DHCP | Performs DHCP Assessment which includes executing custom tests designed for DHCP Environments. | 10-25-2024 | All DHCP Servers joined to Active Directory Forest. Unlimited DHCP Servers are supported. | CIS, NIST, STIG |
| Google Chrome CIS v3.0.0 | Can check CIS Settings for Google Chrome on destination computers. | 10-25-2024 | Chrome Browser | CIS, NIST, STIG |
| AWS Complete CIS v3.0.0 | Performs complete assessment of Amazon Services including other AWS CIS Assessments in a single AWS Assessment Package. Also includes RDS tests recommended by AWS Experts. | 10-25-2024 | Web Services CIS 3.0.0, Compute Services CIS 1.0.0, Database Services CIS 1.0.0 and Storage Services CIS 1.0.0 | CIS, NIST, STIG |
| AWS Web Services CIS v3.0.0 | Performs complete assessment of Amazon Web Services Component. | 10-25-2024 | AWS Web Service Component | CIS, NIST, STIG |
| AWS Compute Services CIS v1.0.0 | Performs complete assessment of Amazon Compute Services Component. | 10-25-2024 | AWS Compute Component | CIS, NIST, STIG |
| AWS Database Services CIS v1.0.0 | Performs complete assessment of Amazon Database Services Component. | 10-25-2024 | AWS Database Component | CIS, NIST, STIG |
| AWS Storage Services CIS v1.0.0 | Performs complete assessment of Amazon Storage Services Component. | 10-25-2024 | AWS Storage Component | CIS, NIST, STIG |
| AWS End User Compute CIS v1.1.0 | Performs complete assessment of Amazon End User Compute including Workspace. | 10-25-2024 | AWS End User Workspace | CIS, NIST, STIG |
| VMWare ESXi 8.0 CIS v1.1.0 | Performs complete assessment as per VMware CIS v1.1.0 and other tests included. | 10-25-2024 | ESXi 8.0 and earlier hosts running in a vCenter. | CIS, NIST, STIG |
| Ubuntu Linux 22.04 LTS CIS v2.0.0 | Performs complete assessment of Ubuntu Linux Systems. Unlimited Ubuntu Systems are supported. | 10-25-2024 | Ubuntu Linux 22.04 supported | CIS, NIST, STIG |
| Ubuntu Linux 20.04 LTS CIS v2.0.0 | Performs complete assessment of Ubuntu Linux Systems. Unlimited Ubuntu Systems are supported. | 10-25-2024 | Ubuntu Linux 20.04 supported | CIS, NIST, STIG |
| CentOS Linux 8 CIS v1.0.0.1 | Performs complete assessment of CentOS Linux Systems. Unlimited CentOS Systems are supported. | 10-25-2024 | CentOS Linux supported | CIS, NIST, STIG |
| Debian Linux 12 CIS v1.0.1 | Performs complete assessment of Debian Linux Systems. Unlimited Debian Systems are supported. | 10-25-2024 | Debian Linux supported | CIS, NIST, STIG |
| Red Hat Enterprise Linux 9 CIS v2.0.0 | Performs Complete assessment as per CIS Benchmark. | 10-25-2024 | Red Hat | CIS, NIST, STIG |
| NGINX CIS v2.1.0 | Performs Complete assessment as per CIS Benchmark. | 10-25-2024 | NGINX CIS | CIS, NIST, STIG |
| Oracle Database 18c CIS v1.1.0 | Performs Complete assessment as per CIS Benchmark. | 10-25-2024 | Oracle Database | CIS, NIST, STIG |
| Oracle Database 19c CIS v1.2.0 | Performs Complete assessment as per CIS Benchmark. | 10-25-2024 | Oracle Database | CIS, NIST, STIG |
| Google Cloud CIS v3.0.0 | Performs Complete assessment as per CIS Benchmark. | 10-25-2024 | Google Cloud | CIS, NIST, STIG |
| Fortigate 7.0 CIS v1.3.0 | Performs Complete assessment as per CIS Benchmark. Fortigate Health Check is also supported. | 10-25-2024 | Fortigate supported | CIS, NIST, STIG |
| Apache Cassandra 4.0 CIS v1.0.0 | Performs Complete assessment as per CIS Benchmark. | 10-25-2024 | Apache Cassandra | CIS, NIST, STIG |
| Apache Tomcat 9 CIS v1.2.0 | Performs Complete assessment as per CIS Benchmark. | 10-25-2024 | Apache Tomcat | CIS, NIST, STIG |
| Apache HTTP Server 2.4 CIS v2.1.0 | Performs Complete assessment as per CIS Benchmark. | 10-25-2024 | Apache HTTP | CIS, NIST, STIG |
| MariaDB 10.11 CIS v1.0.0 | Performs Complete assessment as per CIS Benchmark. | 10-25-2024 | MariaDB 10.11 CIS | CIS, NIST, STIG |
| F5 Networks CIS v1.0.0 | Performs Complete assessment as per CIS Benchmark. | 10-25-2024 | F5 Networks | CIS, NIST, STIG |
| Oracle Cloud INFRA CIS v2.0.0 | Performs Complete assessment as per CIS Benchmark. | 10-25-2024 | Oracle Cloud | CIS, NIST, STIG |
| Cisco IOS 17.x CIS v2.0.0 | Performs Complete assessment as per CIS Benchmark. | 10-25-2024 | Cisco IOS | CIS, NIST, STIG |
| IBM Cloud CIS v1.1.0 | Performs Complete assessment as per CIS Benchmark. | 10-25-2024 | IBM Cloud | CIS, NIST, STIG |

Supported Technologies by SmartProfiler

Every technology is compatible with test cases created by ANSSI, MITRE, CIS, STIG, NIST CSF 2.0, and SmartProfiler tests. Our technology professionals use the evaluations we have completed for clients worldwide as a source of knowledge when designing SmartProfiler tests.

Microsoft Active Directory

It’s crucial to carry out an advanced assessment before purchasing any monitoring software for Microsoft Active Directory to make sure the tool can keep an eye on all the problems the assessment tool finds—something the SmartProfiler for Active Directory does! Not every assessment tool examines every facet of Active Directory environments. SmartProfiler is designed to uncover issues in On-Premises Active Directory.

The objective is to check all Active Directory components to ensure they are configured correctly and that there are no security risks.

ANSSI, MITRE, MS-RECOMMENDED, CIS

324 Tests from ANSSI, MITRE, Microsoft and CIS

Microsoft 365 CIS Version 3.1.0

SmartProfiler for Microsoft 365 Assessment is an automated Health & Risk assessment solution to help you significantly improve your Microsoft 365 ecosystem health & security posture. SmartProfiler for Microsoft 365 Assessment follows CIS-Workbench controls (Version 3.1.0) and other tests designed by our Microsoft 365 experts. Services covered: MSOnline, EXO, Teams, SharePoint, OneDrive, and Azure AD.

The Microsoft 365 CIS Assessment is a security evaluation designed to help organizations assess their Microsoft 365 environment against the Center for Internet Security (CIS) Microsoft 365 Security Benchmark. This benchmark provides a set of security best practices to ensure the proper configuration and protection of Microsoft 365 services, helping organizations mitigate risks and safeguard sensitive data in a cloud-based, collaborative environment.

The assessment focuses on several key areas:

  1. Identity and Access Management: Ensuring secure authentication methods, such as Multi-Factor Authentication (MFA), and implementing role-based access control (RBAC) to protect against unauthorized access to Microsoft 365 resources.
  2. Email and Collaboration Security: Configuring security controls for email services (Exchange Online) and collaboration tools (Teams, SharePoint, OneDrive) to prevent phishing attacks, data leaks, and unauthorized sharing of sensitive information.
  3. Data Protection: Implementing data loss prevention (DLP) policies, encryption, and rights management to safeguard sensitive content across email, documents, and cloud storage within Microsoft 365.
  4. Security Monitoring and Incident Response: Setting up advanced security monitoring through tools like Microsoft Sentinel and Microsoft Defender for Office 365 to detect threats, respond to incidents, and ensure that logs are appropriately collected and analyzed.
  5. Compliance and Auditing: Ensuring compliance with regulatory standards by configuring auditing, reporting, and retention policies within Microsoft 365, enabling organizations to track user activity and ensure adherence to privacy and security policies.

By conducting the Microsoft 365 CIS Assessment, organizations can identify gaps in their security posture, implement recommended best practices, and ensure that their Microsoft 365 environment is securely configured. This proactive assessment helps reduce the risk of security breaches, improve data protection, and align Microsoft 365 deployments with industry-leading security standards, ensuring a safe and compliant environment for collaboration and productivity.

Objective is to check all Microsoft 365 Services including SharePoint, ExchangeOnline, OneDrive, Teams, Defender and other services.

219 Tests from CIS and SmartProfiler tests designed by our M365 Experts.

Microsoft Azure CIS Version 2.1.0

The Azure CIS Assessment is a security evaluation designed to help organizations assess their Azure environments against the Center for Internet Security (CIS) Azure Foundations Benchmark. This benchmark provides a set of best practices and security controls that ensure the safe and compliant configuration of Azure resources. By conducting this assessment, organizations can identify vulnerabilities, improve security posture, and mitigate risks associated with misconfigurations and non-compliance with industry standards.

The assessment covers key security areas, including:

  1. Identity and Access Management: Ensuring proper authentication, authorization, and role-based access control (RBAC).
  2. Network Security: Evaluating network configurations, firewalls, and network isolation to prevent unauthorized access.
  3. Monitoring and Logging: Enabling logging and monitoring to track security events, detect threats, and respond to incidents.
  4. Data Protection: Implementing encryption and data retention policies to safeguard sensitive information.
  5. Resource Configuration: Ensuring Azure resources like virtual machines, storage, and databases are securely configured and compliant.

Through this structured assessment, organizations can achieve better visibility into their Azure infrastructure, improve security controls, and align with the best practices recommended by CIS for cloud environments. SmartProfiler for Azure CIS Assessment offers automated assessment and detailed reporting with impact and recommendations to fix these issues.

Objective is to check all Azure Services including Infrastructure, Compute, Storage, Database and End User Computing.

279 Tests from CIS and SmartProfiler tests designed by our Azure Experts.

Microsoft Azure Entra ID CIS Assessment

Microsoft Azure Entra ID SP v1.0

The Azure Entra ID CIS Assessment is a security evaluation designed to help organizations assess their Azure Active Directory (Azure AD) environment against the Center for Internet Security (CIS) Azure AD Security Benchmark. This benchmark outlines a set of best practices and security controls to ensure the secure configuration of identity and access management in Azure AD, helping organizations protect their users, applications, and sensitive data from unauthorized access and potential security threats.

The assessment focuses on several key areas:

  1. Identity Protection: Ensuring the use of multi-factor authentication (MFA), conditional access policies, and secure user authentication methods to prevent unauthorized access.
  2. Access Management: Implementing role-based access control (RBAC) and least-privilege principles to minimize risks associated with excessive or improper permissions.
  3. User and Group Management: Enforcing policies for secure user provisioning, de-provisioning, and group management to maintain a secure and clean identity infrastructure.
  4. Monitoring and Auditing: Enabling logging, monitoring, and alerting to track suspicious activities, detect potential threats, and respond to security incidents effectively.
  5. External Identities: Configuring secure collaboration settings with external users, ensuring proper governance and monitoring of external access.

By conducting the Azure Entra ID CIS Assessment, organizations can identify security gaps, mitigate risks associated with misconfigurations, and ensure their Azure AD environment aligns with industry-leading security practices. This proactive approach helps safeguard the identity management infrastructure, reduce the attack surface, and strengthen overall security posture in Azure Active Directory environments.

Objective is to check all Microsoft 365 Services including SharePoint, ExchangeOnline, OneDrive, Teams, Defender and other services.

219 Tests from CIS and SmartProfiler tests designed by our M365 Experts.

Microsoft InTune CIS Assessment

InTune-iOS ORG CIS v1.1.0

The InTune iOS CIS Assessment is a security evaluation designed to help organizations assess their Microsoft Intune configuration for iOS devices against the Center for Internet Security (CIS) Mobile Device Security Benchmark for iOS. This benchmark provides a set of best practices to ensure that iOS devices managed through Intune are securely configured, compliant with industry standards, and protected against security threats.

The assessment focuses on the following key areas:

  1. Device Enrollment & Authentication: Ensuring proper enrollment processes, such as requiring multi-factor authentication (MFA) and leveraging secure authentication methods to prevent unauthorized access to devices.
  2. Mobile Device Management (MDM) Policies: Configuring policies to enforce device passcodes, encryption, and remote wipe capabilities to protect against unauthorized access and data breaches.
  3. App Management: Securing app deployments and configurations by restricting app installations, using approved app lists, and managing app permissions to prevent malicious apps from being installed or running on devices.
  4. Data Protection: Enforcing data encryption, secure storage, and backup policies to protect sensitive data on iOS devices, both in transit and at rest.
  5. Compliance & Monitoring: Enabling continuous monitoring and reporting to ensure devices remain compliant with security policies and to track non-compliant or risky behavior that could expose vulnerabilities.

By conducting the InTune iOS CIS Assessment, organizations can evaluate and strengthen their device management posture, ensure their iOS devices meet CIS security standards, and reduce the risk of security breaches, data loss, or unauthorized access. This proactive approach helps organizations enforce consistent security practices and maintain control over their mobile device environment.

Objective is to check:

  • All CIS iOS Settings are configured in InTune Admin Center
  • CIS iOS Settings are applying correctly to Windows 10 and Windows 11 machines.

61 Tests from CIS and SmartProfiler tests designed by our M365 Experts.

Microsoft IIS Server CIS Assessment

Microsoft IIS 10 CIS v1.2.1

The CIS (Center for Internet Security) Microsoft IIS Server Benchmark provides a set of best practices to secure Internet Information Services (IIS) servers. This assessment focuses on ensuring that IIS configurations are hardened against vulnerabilities, mitigating risks related to unauthorized access, data breaches, and system misconfigurations. The key areas covered include:

  1. Account and Authentication Management: Ensuring strong authentication methods, enforcing password policies, and managing user permissions properly.

  2. Configuration Settings: Securing HTTP response headers, disabling unnecessary modules, and configuring appropriate logging settings to monitor access and activities.

  3. File and Directory Permissions: Implementing least privilege access, securing sensitive files and directories, and ensuring proper access controls to prevent unauthorized data exposure.

  4. Patch Management: Regularly applying security patches to both IIS and underlying operating systems to protect against known vulnerabilities.

  5. Audit and Monitoring: Setting up logging, enabling detailed auditing, and ensuring that logs are reviewed for signs of suspicious activity.

Following the CIS Benchmark for IIS can significantly reduce the attack surface of web servers, helping organizations maintain a more secure environment and comply with industry best practices and regulatory requirements.

Objective is to check all IIS Server Settings according to CIS Benchmark recommended for Microsoft IIS environments. Multiple IIS Servers are supported.

219 Tests from CIS and SmartProfiler tests designed by our M365 Experts.

VMware ESXi CIS Assessment

VMWare ESXi 8.0 CIS v1.1.0

The CIS VMware ESXi 8.0 Benchmark v1.1.0 provides a comprehensive set of best practices to secure VMware ESXi hosts, focusing on hardening the underlying virtualization platform. This assessment is designed to reduce vulnerabilities, strengthen configurations, and mitigate risks in virtualized environments. Key areas of focus in the CIS assessment include:

  1. Host Configuration: Ensuring the ESXi host is configured with secure settings, such as enabling lockdown mode, using strong passwords, and disabling unnecessary services.

  2. Access Control: Implementing least-privilege access policies, enforcing multi-factor authentication (MFA), and managing user roles and permissions to minimize the risk of unauthorized access.

  3. Network Security: Securing network traffic by using VLANs, firewalls, and encrypting sensitive data. It also recommends disabling unused network adapters and ports.

  4. Logging and Auditing: Ensuring that audit logs are enabled and protected to detect and investigate any suspicious activities. It also includes setting up centralized logging for better monitoring and compliance.

  5. Patch Management: Regularly applying security patches and updates to the ESXi host to protect against known vulnerabilities and exploits.

  6. Security Monitoring: Implementing intrusion detection systems (IDS) and security monitoring tools to actively identify and mitigate threats within the virtualized infrastructure.

By adhering to the CIS VMware ESXi 8.0 v1.1.0 Benchmark, organizations can ensure that their ESXi hosts are securely configured, reducing the risk of breaches and maintaining a robust, compliant virtualized environment.

Objective is to check all CIS Settings recommended for ESXi hosts. Multiple ESXi Hosts are supported.

219 Tests from CIS and SmartProfiler tests designed by our M365 Experts.
