2016-06-21 Michael BoelenVulnerabilities Leave a comment

Why Auditing and Vulnerability Scanning are Different Things

Why Auditing and Vulnerability Scanning are Different Things As the author of Lynis, we hear often the question: It is like Nessus, right? It seems that everything is compared with Nessus, especially when it comes to Linux security. Surprise, it is not. Let’s get things straight, and talk about the benefits of both. Vulnerability Scanning Scanners like Nessus and OpenVAS are great tools. You drop a system in the network and start scanning. The scanner then usually starts with a ping […]

2016-04-21 Michael BoelenVulnerabilities Leave a comment

Vulnerability Scanning: The Destiny to Disappointment?

The Need Of Vulnerability Management Our digital world is full of hardware and software components. The big difference between the two is the quality. When hardware ships with defects, people will return it and talk badly about it. For software it is fine if things are not perfect from the beginning. It can be improved upon in steps, until most of its users are happy with it. Developers of this software often are some level of pressure. We already know […]

2015-11-03 (last updated at July 5th, 2018) Michael BoelenVulnerabilities Leave a comment

Linux vulnerabilities: from detection to treatment

If you worked with a computer the last decade, you know the importance of keeping your software up-to-date. Those who don’t, are stacking up vulnerabilities, waiting for them to being exploited by others. Although Linux and most software are open source and can be reviewed, security flaws in software packages remain. While it isn’t easy to close every vulnerability on your system, we can at least create a stable process around it. This guide explains what is available, from vulnerability to […]

2015-06-22 Michael BoelenAuditing, Defensive Security, Hardening, Vulnerabilities Leave a comment

Forget Linux Vulnerability Scanning: Get Better Defenses

Building Defenses Beyond Linux Vulnerability Scanning Every month or so, I get a few questions about the vulnerability capabilities Lynis has to offer. It made me think about this subject and I realized something: Many security professionals are still focusing too much on vulnerabilities. They want to know their security gaps, so they can know where they stand. While this isn’t a bad approach, there might be a better solution. The solution I will discuss today is to focus on (permanent) […]