Use of Microsoft Baseline Security Analyzer

[Benjamin Stein <bgstein () UCDAVIS EDU>]

Hello all,

Are any of you using Microsoft Baseline Security Analyzer (MBSA) to regularly scan servers and desktops for missing 
patches?

We are having a discussion internally about differences between the report from Microsoft's tool and another vendor's 
patch management tool.  MBSA is reporting missing patches that the other tool is not.

Is MBSA broadly used and trusted?

Also wondering if anyone is successfully using mbsacli with lists of computers reliably or if various factors 
(permissions, firewalls, power-downs, etc.) make it too difficult to use broadly?

Thanks,

Ben


Benjamin Stein
Information Security Officer
California Cancer Reporting and Epidemiological Surveillance (CalCARES) Program
Institute for Population Health Improvement
UC Davis Health System
1631 Alhambra Blvd, Ste. 200
Sacramento, CA, 95816
Phone:  916-731-2563
Email:  bstein () ccr ca gov<mailto:bstein () ccr ca gov>

The CalCARES program partners with the California Department of Public Health to manage the operations of the state 
mandated California Cancer Registry program