One of the joys and sorrows of working at Microsoft is you get to use really cool software before the public does.  It can cause issues when you forget you’ve been using beta software and have to upgrade to RTM versions.    Well today it caught up with me.  I’ve been working on the beta version of Visual Studio and had to uninstall and reinstall to sync with the released version.  Kind of a pain but well worth it.  While this install is happening I thought I’d catch up on my blogs.

We are in the middle of a sprint for the WACA tool.  There are a few features we’re working on I can share.  We’re adding a bunch of new rules including SQL, iis and general machine setting rules.  There are approximately 30 new rules we’re looking to add in this version.  We are in the process of validating rules to identify if there’s a vulnerability on the machine.  Another feature we’re working on is an improvement of reporting functionality.  We are introducing a comparison report.  This feature allows users to compare results from multiple machines.  You can even scan the same machine multiple times to ensure fixes have been implemented.  One use is to compare machines against a hardened machine.  This report is different than our single server report that provides detailed information including mitigation steps.  The comparison report only provides the basics so you can compare one server to another.