Download a 12 month subscription to ASSET, a comprehensive SQL Server vulnerability scanner

ASSET - Automated SQL Security Evaluation Tool (1Yr - Per AD Domain*)

Regular price
Sale price
Regular price
Sold out
Unit price

SQL Server Vulnerability Scanning Done Right

Looking for a reliable SQL Server vulnerability scanning tool to help evaluate your SQL server's security posture against DISA's Security Technical Implementation Guidelines (STIGs)?

ASSET automates DISA's manual SQL 2014 & 2016 STIG checks against SQL servers and produces instance and database checklists in the required .xccdf 1.1 xml format, saving you hours—if not days—of tedious and error-prone manual labor. When you use ASSET to execute your SQL STIG checks, it will:

  • Quickly and reliably perform nearly ALL of the DISA mandated SQL STIG vulnerability checks
  • Automatically evaluate scan results, assigning the appropriate status (Not a Finding, Open, Not Applicable) where possible, and...
  • Provide the information necessary to support that status, or facilitate any further review
  • Include customizable Finding Details language based on scan results
  • Output directly to a DISA SQL 2014 or 2016 STIG checklist. (No more copying and pasting the results from your own ad-hoc scripts into the checklists!)
  • Produce the both Instance and/or Database checklists
  • Target multiple databases on a single SQL server at once and automatically produce individual checklists for each one
  • Supports Windows and SQL Authentication
  • Unattended execution features for seamless integration with other scanning tools
  • Open-Source version available (with signed contract) if local command requires it


  • Windows 64-bit Operating System with:
    • .NET 4.5 or higher 
    • PowerShell 5 or higher
    • Execution policy remotesigned

This is a one year subscription download - Per AD Domain license*.  Expires 11/1/2022.

*Initial download will be a 30-day, unlimited license, un-tethered to any domain.  You must contact us at and provide domain information for the full 12-month AD Domain licensed version.