// SERVER PARITY VALIDATION

EVERY SERVER.
EVERY DIFFERENCE.
FULLY DOCUMENTED.

SECP validates configuration parity between any two Windows servers — on-prem to AWS, dev to prod, or server to server. Run the PowerShell collector on each machine, upload the ZIP exports, and the engine automatically checks 25 categories spanning services, applications, network config, open ports, .NET versions, SQL instances, certificates, firewall rules, and more. Findings are ranked critical, warning, or informational — so your team knows exactly what must be fixed. Pre-register your server fleet in the registry for automatic environment detection and baseline tracking.

Launch App ⬇ Download Collector 🔍 Collector Overview Learn More
25
Comparison Categories
26
Collector Modules
4
Report Types
PS1
Collector Format
// HOW IT WORKS

Five steps. Zero guesswork.

From raw server to migration report in under an hour.

01
Download Collector
Get Invoke-ServerInventory.ps1 — a single PowerShell script that runs as Administrator and executes 26 collector modules covering every major area of server state.
02
Run on Each Server
Execute Invoke-ServerInventory.ps1 on each Windows server. The script runs 26 collector modules capturing services, applications, network config, open ports, .NET versions, SQL instances, and more — packaging everything into a ZIP file for upload. Optional SHA256 file hashing with -EnableSHA256.
03
Upload ZIPs
Drag-and-drop or browse to upload the ZIP. A live per-file status panel shows all 12 inventory files being processed. Each server gets a nickname, environment type, and role.
04
Create Profile
Pair one baseline server with one or more AWS targets. Optionally exclude specific services or apps that are expected to differ.
05
Run & Export
Click Run Comparison. The engine checks all 25 categories, scores severity, and generates one of 4 report types — detailed, trend analysis, fleet overview, or executive summary.
// WHAT GETS COMPARED

25 categories. Full coverage.

Every comparison run checks all categories simultaneously. AWS-native services (SSM Agent, EC2Launch, CWAgent, etc.) are automatically excluded from service diffs.

✓ Services
✓ Applications
✓ Scheduled Tasks
✓ Scheduled Task Details
✓ IIS Sites & App Pools
✓ Filesystem
✓ Folder Structure
✓ Windows Features
✓ Environment Variables
✓ Certificates
✓ Firewall Rules
✓ Patches / Hotfixes
✓ Server Specs (CPU/RAM)
✓ Local Administrators
✓ Network Config
✓ Open / Listening Ports
✓ DNS Client Settings
✓ Time & NTP Config
✓ Hosts File Entries
✓ .NET Versions
✓ SQL Server Instances
✓ Startup Programs
✓ SMB Shares
✓ Local Security Policy
✓ Device Drivers
// PLATFORM FEATURES

More than just comparison.

SECP includes a server registry, environment baselines, upload history, per-file progress display, and 4 report types for every audience — from sysadmin checklists to executive summaries.

📋
Server Registry
Pre-register all your servers by hostname across 5 SDLC environments (development, state_test, UAT, performance, production). When a ZIP is uploaded, the hostname is matched automatically — environment type and role are pre-filled.
🏆
Environment Baselines
Designate one server per SDLC environment as the canonical baseline. Dashboard shows sync status per environment — how many servers are in-sync, out-of-sync, not yet compared, or not scanned.
📂
Upload History
Every upload is retained. View all inventory versions for a server over time, compare across uploads, and track drift.
📊
Per-File Progress
Uploading a ZIP shows a live status panel with all 12 expected inventory files listed individually — each file's processing status updates from pending → uploading → processing → found/missing.
📄
PDF Reports
Full migration-ready PDF reports with severity-banded findings, per-category summaries, and executive overview. HTML export also available.
🔐
Expiry Warnings
Certificate comparisons include 30/60/90-day expiry banding so near-expiry certs are surfaced as warnings before go-live.
📈
Trend Analysis
Track a server's match percentage across every comparison run. Identify slow drift before it becomes a critical issue.
🌐
Fleet Overview
One page showing which categories cause the most findings fleet-wide, your top offending servers, and compliance distribution.
🔧
Remediation Checklist
Auto-generated action items from every finding, grouped by server and prioritised by severity. Hand it directly to your sysadmin.
📊
Executive Summary
Fleet health in one printable page: total servers, compliance percentage, open critical findings, and top risk categories.
Scheduled Reports
A cron scheduler re-runs your profiles automatically, always refreshing the stalest one first. Completed runs push a Telegram summary and a platform Herald alert — critical findings raise the alert level so nothing slips through.
📥
CSV Export
Download all server uploads or any run's findings as CSV for spreadsheets and external tracking — in addition to the HTML and PDF reports.
// SEVERITY LEVELS

Every finding is ranked.

The engine assigns severity based on what's missing and what differs. You know at a glance what must be fixed before go-live versus what can be addressed post-migration.

⚠️
Critical
Required components missing from the target server. Must be resolved before go-live. Examples: missing apps, absent scheduled tasks, absent Windows features.
Warning
Differences that may cause issues. Should be reviewed. Examples: version mismatches, different service startup types, changed environment variable values.
ℹ️
Info
Informational differences that may be expected in an AWS environment. Review for awareness. Examples: firewall rules that differ between environments.
// GET STARTED

Ready to validate your migration?

Launch SECP to upload your first server inventory, or download the PowerShell collector to start gathering data from your servers today. No configuration required — just run and upload.

Launch App ⬇ Download Collector 🔍 Collector Overview