Auditing

Major release: Lynis 3.x

Learn about the most important changes that form the major 3.x release of the Lynis project, including security enhancements and new tests.

Vulnerability Scanning: The Destiny to Disappointment?

Vulnerability management is an important process to deal with vulnerabilities in software and hardware. At the same time it can become challenging very quickly.

Linux vulnerabilities: from detection to treatment

How to deal with Linux vulnerabilities? This article shares the insights, methods, and tools to help with detection and prevention on Linux systems.

In-depth Linux Guide to Achieve PCI DSS Compliance and Certification

This is the technical Linux guide to achieve compliance with the PCI DSS standard. Become compliant, with Linux tips for configuration and auditing.

Tiger is History, Long Live Modern Alternatives!

The tiger tool was known for a long time to help with auditing Unix-based systems. Fortunately there are new tools that are better maintained.

Security Defenses to Fortify your Linux Systems

Your Linux systems should be protected against common security attacks. By using 4 common techniques, we can fortify our systems like a real fortress.

PCI DSS Linux: Logging of administrative actions with root privileges

PCI DSS requires logging of administrative actions, including commands executed by the root user or using sudo. Learn how to set up accounting and auditing.

Using Open Source Auditing Tools as alternative to CIS Benchmarks

Hardening guides, and the CIS benchmarks in particular, are a great resource to harden your system. But there are alternatives.

PCI DSS (v3) for Linux: Auditing application processes (A.1.2.a)

PCI DSS compliance requires you to verify that no application processes are running as root. We audit these application processes and check the status of each.

Creating audit trails – Logging commands on Linux with Snoopy

Snoopy is a useful utility to log commands on Linux and create a related audit trail. Audit trails are considered to be important for proper accounting.

How and why Linux daemons drop privileges

By dropping privileges a process can be better protected against attacks. Learn how this applies to Linux systems and software.

Security Audits – How to Prioritize Audit Findings

After extensive auditing and analysis of the results, it is time to prioritize audit findings. Learn how to apply impact, urgency and effort.

Audit security events on Unix systems

Protecting computer networks consists of implementing preventative measures, including system auditing. Let's have a look at how this relates to Linux.

Hardening Guides and Tools for Red Hat Linux (RHEL)

Overview of tools and hardening guides to implement system hardening for Red Hat Linux. Also applies to Fedora, CentOS and Scientific Linux systems.

Auditing Linux processes: The Deep Dive!

In-depth article about auditing Linux processes. Determination of running processes, memory and on-disk structure and the proper tools for analyzing them.

Auditing Linux: what to audit?

When auditing a Linux system, it can be hard to determine what to actually audit. This article will provide some guidance and tips.

Linux server security: Three steps to secure each system

Article about Linux server security and guidance for securing your Linux systems. Focus on auditing, hardening and compliance, to improve security defenses.

Lynis for Auditors: Linux and Unix auditing

Article about Linux / Unix auditing with a focus on the usage of Lynis for auditors. Simplifying the work of the auditor and increasing the quality of work.

What is a security audit?

This article describes what a security audit is and why or when to use it. System audits also apply to Linux systems as part of technical auditing.

FreeBSD hardening with Lynis

This article provides tips for FreeBSD hardening by using a powerful tool named Lynis. This script will perform an extensive audit to secure your systems.

CAATTs for Linux: Lynis

Article about a tool within CAATTs for Linux: Lynis. Helping auditors with computer-assisted audit tools and techniques, with focus on Linux and Unix scans.

Linux Audit: Auditing the Network Configuration

This article describes how to audit the network configuration of Unix and Linux based systems, with useful tips for auditors and system administrators.