In the days of corporate lore I faced system hardening challenges driven by Nessus. Now because Nessus isn’t FOSS (Free Open Source Software) it’s not something I can use in my current role. There is an Open Source fork from Greenbone – but there’s some attractive thinking into using Lynis as a build validation tool.
Lynis is a battle-tested security tool for systems running Linux, macOS, or Unix-based operating system. It performs an extensive health scan of your systems to support system hardening and compliance testing. The project is open source software with the GPL license and available since 2007.https://cisofy.com/lynis/#introduction
First off it’s VERY easy to use. It doesn’t require a server and can be pulled down from github and run with no compilation required.Continue reading