Microsoft Baseline Security Analyzer

Category: Vulnerability Scanners
Website: http://www.microsoft.com/technet/security/tools/mbsahome.mspx
Manufacturer: Microsoft
Operating System: Windows

Description:
Microsoft's response to GFI and NeWT, not as powerful as either but does provide some data that the others do not, directory structure, share permissions, office patches and others. Since it's Microsoft based all needed patches are easily downloaded and installed. The app is of little to no worth for hackers though do to the fact that you must have admin privileges on the machine you want to scan. Not a great tool but it does have value to system administrators.

Strengths:
Very user-friendly. Scans Office, Media Player and others that aren't usually scanned by others.

Weaknesses:
Not as powerful as GFI or NeWT. Unable to scan machines using a NULL session or alternative credentials.

Target:
Windows Servers

Mitigation/Recommendation:
Keep server well patched

Price:
Free

Penetration (4):
medium-low Rarely used by hackers, mainly used by IT professionals who already have access to a certain machine.

Simplicity (9):
Very easy to use

Damage Potential (1):
Minimal Data Gathering only