If you are interested in Linux security, this is the place for you. The internet has many resources to offer, but the high-quality content is hard to find. The focus of this blog is Linux and UNIX security. Most articles will be about auditing, system hardening, and compliance.


Our goal is to write high-quality content and make it freely available. This way you can use it to secure your systems. Missing a particular subject on the blog or found something that is relevant? Let us know!

Who is writing?

Many of the articles are written by security specialist Michael Boelen. Michael is a security developer and founder of CISOfy. He covers topics within Linux security, from system hardening to compliance and regulations.

About CISOfy

This blog is sponsored by CISOfy. Resources are invested into this blog to make Linux security accessible to a wider audience, from system administrators to auditors and developers.


Your comments, ideas, and feedback are welcome! If there is a particular subject you want to see covered in an article, then contact us. Please send us an email at blog @ cisofy.com.

About CISOfy


Lynis (Linux/Unix auditing tool) screenshot

Screenshot of a Unix security audit performed with Lynis.

Lynis is a battle-tested technical security audit tool. It is open source, freely available, and used by system administrators all over the world. Other users include IT auditors, security professionals like pentesters. Lynis can also be used as a client component in the Lynis Enterprise solution.

Lynis Enterprise Suite

For those who maintain more than 10 systems, there is the Lynis Enterprise Suite. It is much more than just Lynis. It includes a central management interface, additional plugins for Lynis, reporting capabilities, a custom implementation guide and more helpful information. For example, it contains extended information regarding each security control. Besides that, it will show you how to solve a finding, manually or with ready-to-use hardening snippets.