Defensive Security

Forget Linux Vulnerability Scanning: Get Better Defenses

Vulnerability scanning focuses on weaknesses, or negative aspects of information security. Wouldn't it be better if we focus on the positive, the actual defenses?

Summary of Forget Linux Vulnerability Scanning: Get Better Defenses

Every month or so, I get a few questions about the vulnerability capabilities Lynis has to offer. It made me think about this subject and I realized something: Many security professionals are still focusing too much on vulnerabilities. They want to know their security gaps, so they can know where they stand. While this isn’t a bad approach, there might be a better solution. The solution I will discuss today is to focus on (permanent) processes, instead of vulnerability scanning.

Read the full article…