Free Windows Auditing Tool

Audit Software

Jump to a Section. Free PC Audit Pros & Cons. Thoughts on Free PC Audit. Free PC Audit is a portable, easy to use, free system information tool for Windows. This utility provides basic, but still useful information on various hardware components.

Free PC Audit also includes information on installed software and even active processes. This review is of Free PC Audit version 5.1, which was released on February 14, 2022.

Please let us know if there's a newer version we need to review. Free PC Audit gathers system information on both hardware and software, each separated into their own categories and then further divided into subcategories.

Free PC Audit Basics

Some of the sub-categories include information on the operating system, disk drives, monitor, network, CPU, user accounts, motherboard, startup items, running processes, RAM, and installed software. See the What Free PC Audit Identifies section at the bottom of this review for all the details on the hardware and operating system information you can expect to learn about your computer using Free PC Audit.

This isn't our favorite sys info tool, but you may find it fits the bill just fine:. Completely portable (requires no installation). Really easy to read and use. Save a full report as a text file. Shows a summary of each section.

Choosing a network security audit tool

Small download size. Can copy single lines of text out of the program. Works with recent versions of Windows. Unable to save a report of certain hardware or software components.

Not nearly as detailed as most other system information tools. Infrequently updated. General operating system and computer details, such as the Windows product key (in Windows 10 through XP), ID, version, build date, install date, and the computer's hostname and private IP address.

Works as a key finder program by showing product keys for Microsoft Office, Adobe, and Corel software. BIOS and motherboard's version number, date, and manufacturer. Processor details, like the manufacturer, maximum allowed clock speed, architecture, L2 cache size, socket type, and version.

A list of everything that starts up when you log into Windows, with the name of the program, its path, and its location in the registry.

Used and unused memory slots, complete with the total amount of physical memory that's installed and specific details for each used RAM stick, such as the capacity, device locator, bank label, form factor, speed, and maximum capacity.

What Free PC Audit Identifies

Local user account details, such as its name and domain it belongs to, SID, and description. Details for internal and external drives, including their serial number, size, file system, manufacturer, interface type (like USB), and number of bytes per sector, heads, cylinders, sectors, and tracks.

List of every program installed to Windows; shows the version number, product key (on some), publisher, install date, and total space the program takes up on the disk.

Disk drive information regarding its manufacturer, drive letter, and media type (like DVD writer). Information on the main monitor, such as the name, refresh rate, memory size, and current horizontal/vertical resolution.

List of currently running processes. Very basic printer details are included, like the name of the printer, its port name, and whether or not it's a network and/or default printer.

The Best Network Security Auditing Tools

The manufacturer of any audio devices. Network adapter details include the current status (whether it's connected or not), manufacturer, maximum speed, MAC address if DHCP is enabled, and info on its WINS and DNS servers.

List of every shared folder, with a name and path to the folder. Even at first glance alone, you can see just how easy Free PC Audit is to use. It's easy to tell what you're looking at because hardware, software, and other information is logically divided across the tabs near the top of the program window. We like that as you scroll through Free PC Audit, you can see a brief summary of each piece of hardware, and then it's as simple as expanding each line to see more detail.

Copying out data is a must-have for us. Free PC Audit lets you right-click any line of information and copy it straight from the program window without having to export anything, which is extremely handy if you're copying something like a file path or model number.

Learn about this free system information fool

We also appreciate how simple and informative most of the details are. Unfortunately, some of the information provided isn't so helpful, like what's provided for video cards. Compared to other system information tools, Free PC Audit shows next to nothing.

Download Free PC Audit. Network security auditing is an essential task for modern enterprises that involves auditing your IT assets and policies. An audit can help expose potential vulnerabilities.

It can also provide you with a high-order overview of the network which can be useful when trying to solve specific problems. Security audits can also give you an understanding of how protected your organization is against known security threats.

In this article, we take a look at the best network security auditing tools including port scanners, vulnerability scanners, patch managers, and more to help you audit your network for security concerns and stop security breaches. SolarWinds Network Configuration Manager EDITOR’S CHOICE Our top pick for network security auditing.

Configuration management tool with vulnerability scanning, reporting, and alerts.

Download a 30-day free trial.

  • Intruder (FREE TRIAL) A cloud-based vulnerability scanner with the monthly scans, on-demand scanning, and the services of a pen-testing team.
  • ManageEngine Vulnerability Manager Plus (FREE TRIAL) This package of system security checks sweeps your network and checks for security weaknesses.
  • Runs on Windows and Windows Server.
  • N-able RMM (FREE TRIAL) Remote monitoring and management software that includes a risk intelligence module to protect and report on PII.
  • Atera (FREE TRIAL) A SaaS platform for managed service providers that includes remote monitoring and management systems, such as its auditor report generator.
  • Netwrix Auditor Network security auditing software with configuration monitoring, automated alerts, and a Rest API.
  • Nessus Free vulnerability assessment tool with over 450 configuration templates and customizable reports.
  • Nmap Open-source port scanner and network mapper available as a command-line interface or as a GUI (Zenmap).
  • OpenVAS Vulnerability assessment tool for Linux users with regular updates.
  • Acunetix A Web application security scanner that can detect over 50,000 network vulnerabilities when integrated with OpenVAS.
  • Kaseya VSARMM software with IT asset discovery, custom dashboards, reports, and automation.
  • Spiceworks Inventory A free web-based network IT asset management tool that automatically discovers network devices via an on-site agent.
  • Network Inventory Advisor inventory scanning tool compatible with Windows, Mac OS, and Linux devices.

Metasploit Penetration testing tool that allows you to hack into exploits in your network. What should you look for in network security auditing tools? We reviewed the market for network security auditing tools and analyzed the options based on the following criteria:. A mix of automated vulnerability assessors and penetration testing tools.

Full activity logging for data protection standards compliance. Automated asset discovery a software inventory. Logfile and device configuration tamper protection. Nice to have linked patch manager and configuration manager. A free trial period for cost-free assessment or a free tool.

A system that offers value for money or a free tool that offers complete security sweeps. SolarWinds Network Configuration Manager is a device configuration and auditing tool that lets you manage the configuration of network devices. You can deploy configurations to devices inside your network.

You can also view unauthorized or incorrect configurations. Vulnerability assessment. Tamper protection. Compliance enforcement. Security audit trail. The Network vulnerability scanning feature monitors the network and automatically deploys firmware updates to outdated devices. Through the dashboard, you can view a range of data on status to view the state of your environment. For example, there is a mixture of lists and graphs detailing everything from Firmware Vulnerabilities to Security Policy Violations, Overall Configuration Changes, and more.

There are also additional features like reports and alerts.

The reporting feature enables you to generate audit reports on all network devices.

  • Alerts notify you about configuration changes and provide additional details about the changes and the login ID behind the changes.
  • If a change isn’t desirable then you can rollback to an archive copy.
  • Supports vulnerability scanning and lists action steps to correct issues.
  • Can automatically detect when configuration changes are made or are incorrect based on standards you set.
  • Can push out firmware updates automatically on a schedule.
  • Enterprise levels reporting and scalability.
  • Alerting is flexible, and can be set to notify recipients when configuration changes are made.
  • Not designed for home users, this is a tooldesigned for businesses environments operated by network professionals.
  • SolarWinds Network Configuration Manager is one of the top network security auditing tools because it gives you the ability to shut down vulnerabilities throughout your network.
  • Prices start at $1,687 (£1,273.54).
  • You can download a 30-day free trial.
  • SolarWinds Network Configuration Manager is our top pick for a security auditing tool because it offers document security assessments, automated solutions to tighten security, constant monitoring of network devices, and an audit trail for all configuration issues that are encountered.
  • As well as being a good tool for auditing this is an easy-to-use security enforcement tool.

Hackers know that they can ease their lateral movement by altering the settings of network devices and the automated configuration restoration feature in the Network Configuration Manager shuts that trick down. Download: Start 30-day FREE Trial.

Official Site:solarwinds.com/network-configuration-manager/registration. OS: Windows Server. Intruder is a vulnerability scanner that is delivered from the cloud. The basic function of the service performs a monthly scan of each customer’s system and launches intermediate scans if a new threat goes into the service’s threat intelligence database.

Choice of scan frequency. Database of 9,000 vulnerabilities. Great performance visuals. When a company signs up for the service and sets up an account, the first task that the tool performs is a full vulnerability check of the entire system.

This process repeats every month. Whenever an intruder gets an update to its threat intelligence database, it launches an intermediate scan on all of its customers’ systems, specifically examining the hardware and software that are vulnerable to the newly-discovered exploit. As it is based in the cloud, the intruder service sees your network as any outside hacker would see it.

The sweep covers every single element of IT infrastructure on the customer’s site and also those cloud services that the client uses. A scan covers 9,000 known vulnerabilities, including web application vulnerabilities to tricks such as SQL injection attacks and cross-site scripting.

Thanks to an agent that needs to be installed on the network, the Intruder scan also looks for vulnerabilities to insider threats.

Intruder is paid for by subscription.

  • Customers of the service have the option of three plans: Essential, Pro, and Verified.
  • The Essential plan gets you an automatic monthly scan.
  • The Pro plan gets the monthly scan plus a facility for on-demand vulnerability scanning.
  • The Verified plan includes the services of a human penetration testing team as well as the benefits contained in the Pro plan.
  • Sleek, highly visual with an excellent interface.
  • Can perform schedule vulnerability scans automatically.
  • Can scan all new devices for vulnerabilities and recommended patches for outdated machines.
  • Operates in the cloud, no need for an on-premise server.
  • Can assess vulnerabilities in web applications, databases, and operating systems.
  • Three-tiered pricing makes Intruder accessible to any size businesses.
  • While the tool is highly intuitive, it is still can require quite some time to fully explore all of the features of the platform.
  • Scans occur automatically once a month with the Essential plan.
  • On-demand scans aren’t available with that plan, but they are included with the Pro plan.

Intruder is available for a 30-day free trial. ManageEngine Vulnerability Manager Plus is a security system that scans a system for weaknesses and documents them and then implements measures to remove them. The system looks at installed software and device settings to indentify weaknesses that hackers are known to exploit.

These checks extend to endpoints and network appliances. Configuration tightening. Software assessments. Threat intelligence feed. The vulnerability scan is a periodic security audit and it provides an automated system check that is more thorough than manual procedures.

The sweeps are able to scan through devices running Windows, macOS, and Linux. It will look at the operating system of each device connected to the network and also search through all installed software. It can assess the settings of security tools, such as firewalls and will also audit web services and communication protocol settings to ensure that there are no weak points.

Agents installed on endpoints launch a vulnerability check every 90 minutes.

The service includes a subscription to a threat intelligence feed and this gets updated whenever a new vulnerability is discovered.

  • The arrival of a threat discovery triggers a system scan to detect the presence of that vulnerability.
  • Remediation measures in the tool include a patch manager that automatically detects the availability of software and operating system updates and will roll them out on a schedule.
  • The system will also recommend actions to take in order to close down any loopholes that it discovers during its vulnerability scans.
  • Great for proactive scanning and documentation.
  • Robust reporting can helps show improvements after remediation.
  • Built to scale, can support large networks.
  • Flexible – can run on Windows, Linux, and Mac.
  • Backend threat intelligence is constantly updated with the latest threats and vulnerabilities.
  • Supports a free version, great for small networks.
  • The ManageEngine ecosystem is very detailed, requiring time to learn all of its features.
  • Vulnerability Manager Plus is runs on Windows and Windows Server and it is available in three editions: Free, Professional, and Enterprise.
  • The free version is limited to monitoring 25 computers.
  • The Professional edition covers one site and Enterprise edition covers WANs.
  • Both paid systems are offered on a 30-day free trial.

N-able RMM is a cloud-based remote monitoring and risk management tool that enables a central IT department to manage several sites simultaneously. Many businesses need to be able to track the use of data for data security standards compliance and getting data access tracking built-in with a monitoring tool is a great help.

N-able RMM has network security auditing tools built-in to get your system compliant to standards such as PCI-DSS and HIPAA. Suitable for MSPs. Compliance auditing. PII tracking and protection. The remote monitoring and management tools in N-able RMM include PII exposure vulnerability assessments. The usage analysis system included with the RMM enables data managers to identify data usage trends and manage data risk.

The N-able RMM system includes a Risk Intelligence module, which locates all PII and tracks access to it. Ad hoc scans in the package are particularly useful for data security compliance auditors.

These include inappropriate permissions discovery and reports on leaked or stolen data. Other standard maintenance tools in the RMM service help to protect data from accidental loss. For example, the RMM includes a comprehensive backup and restore function.

Digital security features in the bundle include endpoint detection and response to secure desktop devices.

Patch management keeps all firmware and operating systems up to data and closes down exploits in software.

  • The N-able RMM service also includes an anti-virus package and a firewall for the entire network and all of its devices.
  • Designed for MSPs to provide network security and audit reports.
  • Can handle large scale multi-tenant businesses with ease.
  • Dashboard is highly customizable with a number of premade visualizations and widgets.
  • Can monitor data usage trends to detect data theft and malware.
  • Built-in backup and recovery. Designed for MSPs and large businesses, not the best option for small networks and home users.
  • N-able RMM is charged for by subscription and there are no installation fees.
  • You can get a 30-day free trial to check out all of the services in N-able RMM risk-free.
  • Related post:Network Configuration Management Software.
  • Atera is a package of services for monitoring and management tools for remote systems.
  • The SaaS platform also has a section of utilities designed for use by the management team of a managed service provider.

Among all of the tools in this bundle is a reporting facility that can generate a range of system audit reports. Suitable for MSPs. Subscription per technician. Security auditing reports. The service is designed for use by managed service providers.

When a system is enrolled in the service, the Atera server downloads an agent onto the target network. This uses SNMP to gather information on each of the devices composing the network. The result of this scan is a network asset inventory, which is updated constantly and provides a basis for all of the automated network monitoring activities of the package.

That network monitor works on a system of performance expectation thresholds, which trigger alerts if problems are detected. Atera offers a network mapping system as a paid add-on. A remote monitoring system that is easy to set up and enroll new clients. A flexible reporting tool that runs off status reports and activity audit reports.

A network inventory that includes the age of each device. A network discovery system that is constantly updated. No site agent for Linux. Network mapper costs extra. Atera is a subscription service and there are three plan levels for the service. This makes the package suitable for businesses of all sizes. As it is a SaaS platform, you don’t need to host any software on-site and all of the operating data and performance records are stored on Atera’s cloud server.

You can get a free trial to assess the package.

Netwrix Auditor is a network security auditing software that can monitor configuration changes in your environment.

  • Through the dashboard, you can view information on system changes including Action, Who, What, When, and Where.
  • All of the information provides you everything you need to know about the nature of the changes and what happened.
  • Identify users accessing data.
  • Full audit reports.
  • Security controls.
  • The user can also view the same information about login attempts and port scanning attempts.
  • Failed logins are marked with a red box, which helps you to see immediately if someone is trying to break into your network.
  • You can also view hardware monitoring information on CPU temperature, power supply, and cooling fan status.
  • An alerts system provides an automated incident response.
  • You can configure scripts that Netwrix Auditor will execute when an alert is generated.
  • For example, if a divide fails then you can configure the settings to generate a Helpdesk ticket for your team to start the remediation process.
  • Offers detailed auditing and reporting that helps maintain chain of custody for sensitive files.

Offers hardware and device monitoring to track device health alongside security. Allows sysadmin to implement automated remediation via scripts. Integrates with popular help desk platforms for automatic ticket creation.

Trial could be a bit longer. Can have issues supporting Cisco network devices. Alerting could be made more intuitive. Netwrix Auditor is one of the top network security auditing tools for those who want a solution with automation and a rest API. There is a free community edition, but you’ll have to purchase the software if you want to view more in-depth detail on network events.

Contact the company directly for a quote. You can download the 20-day free trial. Nessus is a free vulnerability assessment tool that can be used for auditing, configuration management, and patch management. Nessus is well-equipped to confront the latest threats releasing plugins for new vulnerabilities within an average of 24 hours.

Plugins are added automatically so the user is ready to discover new cyber-attacks.

Configuration templates.

  • Issue severity categorization.
  • Configuring Nessus is easy because you have the support of over 450 different configuration templates.
  • For example, there is a range of scan templates including Basic Network Scan, Advanced Scan, Malware Scan, Host Discovery, WannaCry Ransomware, and more.
  • The variety of templates makes it easy to find the vulnerabilities you need.
  • You can also generate customizable reports to reflect on new entry points.
  • Create reports detailing specific vulnerabilities by host or plugin.
  • For example, you could generate a Hosts Executive Summary report and see how many hosts are categorized as Critical, High, Medium, Low, and Info.
  • Reports can be created in HTML, CSV, and .nessus XML to share with your team.
  • Offers a free vulnerability assessment tool.
  • Simple, easy to learn interface.
  • Little configuration needed, 450+ templates that support a range of devices and network types.
  • Prioritization is easy to tweak for different events.
  • The paid version is a more expensive enterprise solution, not the best fit for smaller networks.

How does an IT audit differ from a security assessment?

Best File Server Auditing Tools

Limited integration options. Scans can slow the system down and use a large number of resources. Nessus is ideal if you’re looking for an auditing solution that is equipped to discover new online threats.

The Essentials version of Nessus is available for free and can scan up to 16 IPs. Paid versions start at $2,990 (£2,257) for Nessus Professional, which comes with a one-year subscription and unlimited IPs. You can start with Nessus Professional on a 7-day free trial.

Nmap is an open-source port scanner and network security scanner. With Nmap, you can discover hosts and find open ports vulnerable to being attacked. The software tells you whether ports are open, closed or filtered, via a command-line interface.

The interface also tells you additional information such as the Port, State, Service, and Version of entities discovered. You can use the program to identify what OS version a piece of software is running so that you can patch any glaring weaknesses.

Command line utility. GUI front-end called Zenmap. There is also the option to create automated scans. Nmap allows you to write scripts in Lua to run scans automatically. Automating scans is beneficial because it saves you time so that you don’t have to run scans manually to discover vulnerabilities.

If you’re not a fan of command-line interfaces then you can switch to Zenmap, the GUI version of Nmap. With Zenmap the user can save scan profiles and run common scans without having to manually set up a scan every time.

You can also save scan results to review later on. Entirelyfree and open-source tool.

Comments are closed.