Defensive Security

Linux security guide: the extended version

Feeling overwhelmed with the options available to secure your Linux system? With this guide, we walk step-by-step through the option, tools, and resources.

Summary

Feeling overwhelmed with the resources available to secure your Linux system? This security guide will provide you the points where to start.

With this Linux security guide, we walk step-by-step through the options, tools, and resources. After reading this article, you will be able to make educated decisions about what Linux security defenses to implement for your systems.

You will be introduced to the right tools that help you automate and test your improvements.

Forget Linux Vulnerability Scanning: Get Better Defenses

Vulnerability scanning focuses on weaknesses, or negative aspects of information security. A new look at an existing issue.

Summary

Every month or so, I get a few questions about the vulnerability capabilities Lynis has to offer. It made me think about this subject and I realized something: Many security professionals are still focusing too much on vulnerabilities. They want to know their security gaps, so they can know where they stand. While this isn’t a bad approach, there might be a better solution.

The solution I will discuss today is to focus on (permanent) processes, instead of vulnerability scanning. The goal is to reduce weaknesses quicker, and more often. Processes like software patch management, regular audits and security monitoring. So forget about vulnerability scanning and let’s proceed to the next level of security!