XIA Configuration

Windows Server Security Audit Tool

Harden the security of your Windows servers and workstations

Perform a security audit on your Windows servers and workstations with our auditing tool XIA Configuration.

  • Harden Security. Use the Windows compliance benchmark to determine if your computers meet Microsoft best practices
  • Enhance Auditing. Run reports to find servers that do not meet the requirements of your organization
  • Track Changes. Detect changes to the configuration of your Windows machines
  • Expose Vulnerabilities. Check that your settings and security policies are configured correctly

View all features >

XIA Configuration has a non-intrusive architecture with agentless data collection and PowerShell support.

Screenshot of the Windows basic compliance benchmark in the XIA Configuration web interface

To see all the Windows settings supported by XIA Configuration, navigate up to Windows.

Security Summary

Provides a summary of security related information.

Show Details
  • Machine SID
  • Computer Domain SID
  • Local Administrator Account Information
  • Guest Account Information
  • Local Administrators Group Information
A screenshot showing a Windows machine security summary
This screenshot shows the security summary of a Windows machine in the XIA Configuration web interface

Account Policies

Audit your effective account policies, applied either locally or by group policy.

Show Details

Account Lockout Policy

  • Account lockout duration
  • Account lockout threshold
  • Account lockout reset duration

Password Policy

  • Enforce password history
  • Maximum password age
  • Minimum password age
  • Minimum password length
  • Password must meet complexity requirements
  • Store passwords using reversible encryption
A screenshot showing local account policy settings
Audit your local account policy settings

Advanced Audit Policy

Check Advanced Audit Policy configuration on your Windows machines.

Learn more
A screenshot showing advanced audit policy settings
Check your advanced audit policy settings

Audit Policy

Assess your Audit Policy settings.

Show Details
  • Account logon events
  • Account management
  • Active Directory service access
  • Logon events
  • Object access
  • Policy change
  • Privilege use
  • Process tracking
  • System events
A screenshot showing audit policy settings
View your audit policy settings

Local Administrator Password Solution (LAPS)

Audit Local Administrator Password Solution (LAPS) settings for each computer joined to your Active Directory domain.

Learn more
A screenshot showing Local Administrator Password Solution settings
Audit your Local Administrator Password Solution settings

Local Group Accounts

Provides information on local group accounts.

Show Details
  • Name
  • Description
  • Security Identifier
  • Members
A screenshot showing local group accounts
Check your local group accounts

Local User Accounts

Provides information on local user accounts.

Show Details
  • Name
  • Description
  • Account Enabled
  • Password Never Expires
  • Full Name
  • SID
  • Last Login
  • Password Expired
  • Password Last Set
  • User Cannot Change Password
  • Profile Path
  • Login Script
  • Home Drive
  • Home Directory
A screenshot showing local user accounts
View your local user accounts

Machine Certificates

Check the SSL certificate expiration date in Windows across your environments. Execute the SSL Certificate Report to easily find certificates that have expired or are close to expiry.

Learn more
A screenshot showing machine certificate details
Audit your certificates

Microsoft Defender

Audit your antivirus settings.

Show Details

General Settings

  • Product Version
  • Engine Version
  • Real Time Protection Enabled
  • Tamper Protection

Antivirus Signature

  • Antivirus Signature Last Updated
  • Antivirus Signature Version


  • Cloud Delivered Protection Enabled
  • Automatic Cloud Sample Submission


  • Excluded Exclusions
  • Excluded Paths
  • Excluded Processes
A screenshot showing Microsoft Defender settings
Check your Microsoft Defender settings

Security Options

Audit your security options.

Show Details
  • Display name - for example "Interactive logon: Do not require CTRL+ALT+DEL"
  • Configured Setting
  • Configuration Source (Local / Group Policy)

Secure channel (SCHANNEL) settings for SSL 3.0, TLS 1.0, TLS 1.1 and TLS 1.2 are read on Windows Server 2012 and above.

A screenshot showing security options settings
View your security options settings

User Rights Assignment

Audit User Rights Assignment settings on your Windows servers and workstations.

Learn more
A screenshot showing the user rights assignment compliance benchmark results
Use XIA Configuration's compliance benchmark to check your user rights assignment settings meet security best practices

Windows Firewall with Advanced Security Configuration

Create firewall documentation for all the Windows machines in your environments.

Learn more
A screenshot of Windows firewall inbound rules
Audit your Windows firewall rules

Windows Patches

This section provides information about the system-wide updates (commonly referred to as a quick-fix engineering (QFE) updates) that have been installed.

Show Details
  • HotFix ID
  • Description
  • Installed By
  • Installed On (Date)
A screenshot showing Windows patches
Check the Windows patches installed on your Windows machines

Windows Update Configuration

Audit Windows Update configuration on your servers and workstations.

Learn more
A screenshot showing Windows update settings
Audit your Windows update configuration

Windows Update History

Check the Windows update history on your servers and workstations.

Show Details
  • Action Date
  • Title
  • Operation
  • Result
A screenshot showing Windows update history
View your Windows update history

For more information about Windows, please view the Windows page.

Try our Windows server security audit tool for free