Microsoft has released a new tool called Microsoft Best Practice Analyzer for ASP.NET.  This tool scans the configuration of an ASP.NET 2.0 application. The tool can scan against three mainline scenarios (hosted environment, production environment, or development environment) and identify problematic configuration settings in the machine.config or web.config files associated with your ASP.NET application.

 

This tool is current in alpha right now and Microsoft is counting on your feedback on how to proceed with this tool.  I found it's pretty helpful in the scenarios I've run so far.  It is very easy to use and much like the Microsoft Security Baseline Analyzer that I put on all of my machines.

 

Below is a sample of the output from one of the test runs I did on a Virtual PC of mine.

 

 

 So, give the tool and try and let them know what you think!