CIS is a free security scanner written and maintained by Cerberus 
Information Security, Ltd and is designed to help administrators locate 
and fix security holes in their computer systems. Runs on Windows NT or 
2000. 

Features: 


* Takes a modular approach. Each scan module is implemented as a DLL so 
when an update to a particular module occurs the user only needs to 
download the updated DLL. Added to this the user can choose which modules
they want to run.

* Comprehensive  - pushing around 300 checks. As far as scanning web 
servers goes CIS is one of the best. When compared against the market 
leading scanners CIS usually finds more security issues.

* Hidden Command line capability - run scans in the background. This means
that if a user wants to scan a large number of hosts they can implement 
this in a batch file and once a scan has started control is returned to 
the command prompt so the next and subsequent scans can start immediatley.
C:\CIS\>cis host

* Scan modules include WWW, SQL, ftp, various NT checks, SMTP, POP3, DNS,
finger and more

* Backed by one of the World's best security teams, the CST (Cerberus
Security Team).

* Reports generated are HTML based with hyper-text links to more 
information

* Easy to use Graphical User Interface

* Multi-threaded so scan time is minimized.

* Light on memory usage

* Updated on a very regular basis

The CIS homepage is located at:

	http://www.cerberus-infosec.co.uk/cis.shtml