With IT departments already under pressure, the demand for securing systems is only getting higher. This is why regular system auditing is required.
Unfortunately, manual checking is too much work. Most solutions use existing benchmarks, only present the issues.
Lynis implements hundreds of security checks based on best practices. Other solutions stop at this stage, where Lynis will have built-in tests, not found in any other solution. Instead of following others, we have a clear idea on what auditing of Linux and Unix systems should look like.
When comparing Linux, or Unix systems with Microsoft Windows, one main difference is the software components running on top of the operating system. This is also the reason we are specialized in Linux, Unix and Mac OS based systems. This way you get a highly precise auditing tool, scanning the operating system, its software components, and the configuration of both. No compromises!
With upcoming technologies like Linux container virtualization, we believe in staying up-to-date. This results often in being the first, or only one, implementing auditing capabilities to these technologies. Just auditing the operating system and basic configuration, is not longer enough in these times of interconnected devices.
Software should be simple to use, flexible and cost effective. When it comes to flexibility, you get a solution which is rare for most tools: no installation and no dependencies are required, and root permissions are advised, but still optional.
As Lynis requires no installation, just unpacking and running it will suffice. You receive the extensive audit results in just a matter of minutes. Simple as that.
Audits performed by Lynis are extensive. From the bootloader up to the last piece of software, it all gets checked. Any vulnerable package, weak configuration value or unneeded daemon will show up sooner or later. Usually the biggest weaknesses are not in the operating system, but the software components or their configuration. Therefore you should not settle for just basic auditing of the operating system.