The tool Lynis is an auditing tool used to audit Unix systems. Is it still relevant? Worth using?
It used to be fairly widely used years ago. Is it still worth its salt or are there other better options? Do you guys think it’s needed at all with common sense nowadays?
Yes, it’s worth using. It’s fairly easy to install, as it’s almost always packaged, and that makes it easy to use.
But it’s not really enough. For example, tools like Lynis usually miss containers.
For a modern version of this stuff, I would probably recommend scanning all running containers with something like Trivy, and then deploying Wazuh on the machines. Wazuh can scan the system for misconfigurations in a similar manner to Lynis, but it is also capable of acting as a central logging server and a few other things.
We use both Lynis and Wazuh; Wazuh is getting replaced with Logpoint and AWS Inspector.
I now need to check we pick up the Lynis log.