Auditing articles

Last change: 2025-01-06

Learn about the most important changes that form the major 3.x release of the Lynis project, including security enhancements and new tests.

Last change: 2025-01-06

Vulnerability management is an important process to deal with vulnerabilities in software and hardware. At the same time it can become challenging very quickly.

Last change: 2025-01-06

How to deal with Linux vulnerabilities? This article shares the insights, methods, and tools to help with detection and prevention on Linux systems.

Last change: 2025-01-06

This is the technical Linux guide to achieve compliance with the PCI DSS standard. Become compliant, with Linux tips for configuration and auditing.

Last change: 2025-01-06

The tiger tool was known for a long time to help with auditing Unix-based systems. Fortunately there are new tools that are better maintained.

Last change: 2025-01-06

Your Linux systems should be protected against common security attacks. By using 4 common techniques, we can fortify our systems like a real fortress.

Last change: 2025-01-06

PCI DSS requires logging of administrative actions, including commands executed by the root user or using sudo. Learn how to set up accounting and auditing.

Last change: 2025-01-06

Hardening guides, and the CIS benchmarks in particular, are a great resource to harden your system. But there are alternatives.

Last change: 2025-01-06

PCI DSS compliance requires you to verify if no application processes are running as root. We audit these application processes and check the status of each.

Last change: 2025-01-06

Snoopy is a useful utility to log commands on Linux and create a related audit trail. Auditing trails are considered to be important for proper accounting.

Last change: 2025-01-06

By dropping privileges a process can be better protected against attacks. Learn how this applies to Linux systems and software.

Last change: 2025-01-06

After extensive auditing and analysis of the results, the time is there to prioritize audit findings. Learn how to apply impact, urgency and effort.

Last change: 2025-01-06

Protecting computer networks consists of implementing preventative measures, including system auditing. Let's have a look how this relates to Linux.

Last change: 2025-01-06

Overview of tools and hardening guides to implement system hardening for Red Hat Linux. Also applies Fedora, CentOS and Scientific Linux systems.

Last change: 2025-01-06

In-depth article about auditing Linux processes. Determination of running processes, memory and on-disk structure and the proper tools for analyzing them.

Last change: 2025-01-06

When auditing a Linux system, it might be hard to determine what to audit actually. This article will provide some guidance and tips.

Last change: 2025-01-06

Article about Linux server security and guidance for securing your Linux systems. Focus on auditing, hardening and compliance, to improve security defenses.

Last change: 2025-01-06

Article about Linux / Unix auditing with a focus on the usage of Lynis for auditors. Simplifying the work of the auditor and increasing the quality of work.

Last change: 2025-01-06

This article describes what a security audit is and why or when to use it. System audits also apply to Linux systems as part of technical auditing.

Last change: 2025-01-06

This article provides tips for FreeBSD hardening by using a powerful tool named Lynis. This script will perform an extensive audit to secure your systems.

Last change: 2025-01-06

Article about a tool within CAATTs for Linux: Lynis. Helping auditors with computer-assisted audit tools and techniques, with focus on Linux and Unix scans.

Last change: 2025-01-06

This article describes how to audit the network configuration of Unix and Linux based systems, with useful tips for auditors and system administrators.