• Scan and analyze an entire network domain and/or a single machine.
• Select multiple machines within a domain, if a subset analysis is desired.
• Select or ignore specific vulnerabilities via configuration files.
• Receive an analysis of vulnerabilities, with detailed information relating to the name, description, and risk level of each vulnerability.
• Eliminate the vulnerability using recommended solutions with links to related Web sites and knowledge-base articles.
• Correct a vulnerability across the network with a single mouse click with the AutoFix function.
• Retest corrected vulnerabilities immediately and be confident that vulnerabilities have been eliminated.
• Track vulnerability trends via analyses comparing current and previous assessments.
• Customize network status reports for management and technical personnel with comprehensive reporting of selected machines or entire domains.
• Stay current with newly discovered vulnerabilities and get regular functionality enhancements by subscribing to the monthly update service.

Empowers the administrative organization to implement corrective action based on descriptive information for both the problem and the solution. The “AutoFix” button provides a single button press solution for many vulnerabilities. “Batch AutoFix” applies the corrective action to multiple computers.

Provides complete assessment information including:
• Name
• Risk Level (High, Medium, Low, Warning)
• Description
• Solution (includes location of patch)
• Related Web Links
• Relevant Advisories and Knowledge-Base Articles
• Link to Mitre web page containing Common Vulnerabilities
and Exposures (CVE) information

Vulnerabilities are identified through engineered signatures, not simulated attacks. Computers will not be harmed and network bandwidth available to users will not be degraded due to a scan.

• Based on solid security research, solutions testing, and software product maintenance.
• Scans for more Windows vulnerabilities than other comparable tools.
• Results in the least amount of “false positive” reports (reports that indicate a vulnerability where none exists).
• Scans for third-party applications as well as operating system vulnerabilities.
• Scans for vulnerabilities in Windows NT, Windows 2000/XP, Red Hat / Mandrake Linux and Sun Solaris UNIX.
• A deep analysis is performed, not a surface validation.

Provides a configuration editor to allow user tailoring of which vulnerabilities are scanned.

New vulnerabilities are identified frequently and incorporated into an update available to customers.

Extensive reporting capability that provides a full set of reports displaying information ranging from quick summary graphics to full and detailed disclosure of all vulnerabilities found.

Reports include:
• Executive Summary
• Network Summary
• Vulnerability Summary
• Detailed Vulnerability List
• and more ...

STAT Scanner uses the latest Mitre Common Vulnerabilities and Exposures (CVE) list of computer vulnerabilities and contains the latest SANS/FBI top 20 vulnerability list. It also uses the latest CERT, CIAC and FedCIRC (Department of Home Security) advisories.