Lynis
Lynis is an open source security auditing tool for Linux and UNIX-based systems. It performs an in-depth security scan to detect vulnerabilities, provide tips for system hardening, and monitor compliance status.
Lynis: Open Source Security Auditing Tool for Linux and UNIX-based Systems
Lynis is an open source security auditing tool for Linux and UNIX-based systems. It performs an in-depth security scan to detect vulnerabilities, provide tips for system hardening, and monitor compliance status.
What is Lynis?
Lynis is an open source security auditing tool for Linux and UNIX-based systems. It was created by security researcher and author Michael Boelen to perform automated security auditing, vulnerability detection, and system hardening.
Some key features of Lynis include:
- Comprehensive security scans - Lynis scans system settings, files, processes and more to detect vulnerable components.
- Compliance testing - The tool can test systems against common security baselines like CIS, ISO27001 and PCI DSS.
- Suggest security improvements - Lynis provides tips to further harden and optimize the security of systems.
- Extensible plugins - Custom tests and plugins can be added for specialized audits.
- Lightweight and fast - It runs from a shell without agents or clients for efficiency.
Lynis generates a detailed report at the end of a scan highlighting areas that need improvement. It focuses on preventative security measures to proactively make systems more secure. The tool is commonly used by system administrators, security professionals, auditors and penetration testers.
Lynis Features
Features
- Performs security auditing and vulnerability scanning
- Checks for system hardening and compliance with standards
- Scans for malware, rootkits, suspicious files/processes
- Analyzes system configuration and services
- Provides suggestions for improving security
Pricing
- Open Source
Pros
Free and open source
Easy to use
Automates security auditing
Supports multiple Linux distributions
Customizable and extensible
Regularly updated and maintained
Cons
Command line only, no GUI
Can generate false positives
Limited support for non-Linux systems
Requires some Linux sysadmin knowledge to interpret results
Official Links
Reviews & Ratings
Login to ReviewThe Best Lynis Alternatives
View all Lynis alternatives with detailed comparison →
Top Security & Privacy and Auditing and other similar apps like Lynis
Here are some alternatives to Lynis:
Suggest an alternative ❐
OpenSCAP
OpenSCAP is an open-source auditing tool that enables automated security scanning and compliance testing of systems against security benchmarks and policies. It helps organizations maintain continuous monitoring of their infrastructure for vulnerabilities, misconfigurations, and policy compliance issues.Some key features and capabilities of OpenSCAP include:Performs automated scanning for security vulnerabilities based...
SecPod Saner Personal
SecPod Saner Personal is a free vulnerability assessment and management tool designed for home and personal users. It can quickly scan Windows, macOS, and Linux systems for vulnerabilities, malware, misconfigurations, and other security issues.Key features include:Comprehensive vulnerability scanning based on the latest CVEs and security advisoriesMalware scanning powered by Bitdefender...
Trivy
Trivy is an open-source software vulnerability scanner developed by Aqua Security. It can detect security vulnerabilities and misconfigurations in container images, Git repositories, file systems, and other software artifacts.Some key features of Trivy include:Scans container images based on OS packages to detect vulnerable dependenciesDetects vulnerabilities in multiple languages like Node.js,...
UpGuard
UpGuard is a comprehensive cybersecurity platform designed to give organizations visibility into their IT infrastructure, inventory assets, assess risk, ensure compliance, and reduce downtime. Its key features include:Cloud security tools to detect misconfigurations, data leaks, unauthorized access, and other risks across SaaS apps like G Suite, Slack, GitHub, and more.Vendor...
Intego Mac Internet Security
Intego Mac Internet Security is a comprehensive security solution designed exclusively for Mac. It provides multiple layers of protection to safeguard your Mac against viruses, malware, phishing attempts, and other online threats.Key features include:Real-time antivirus scanning that detects Mac-specific threatsFirewall that monitors inbound and outbound network trafficMalware scanning that identifies...
LastAudit
lastAudit is an open-source software application designed to help system administrators track changes and monitor file integrity on Linux systems. It works by taking a baseline snapshot of the filesystem and then comparing current files against that snapshot to detect any unauthorized changes.Some key features of lastAudit include:File integrity monitoring...
CollectCore
CollectCore is an open-source collection management system designed for museums, galleries, archives, and other collection-based institutions. It provides a comprehensive set of tools to catalog, document, track, and manage collections, with features including:Flexible cataloging and metadata support for diverse object typesLocation and movement trackingLoan in/out trackingConservation and condition assessmentsExhibition and...
