Lynis is a popular open source security auditing tool, used to evaluate the security defenses of their Linux/Unix-based systems. It runs on the host itself, so it performs more extensive security scans than vulnerability scanners.
Lynis 2.2.0 news
Released last week, Lynis 2.2.0 is a a major upgrade, and the result of many months of work. It comes with new features and tests, and a variety of enhancements.
The biggest change in this release is the optimization of several functions. It allows for better detection, and dealing with the quirks, of every single operating system. Some functions were fortified to handle unexcepted results better, like missing a particular binary, or not returning the hostname.
This release also enables tests to be shorter, by adding new functions. Some functions were renamed or slightly changed, to provide more value to the tooling. Another big change is a wide set of optimizations and quality testing. Outdated pieces were removed, or rewritten, to support features seen in newer distributions.
In the area of compliance, adjustments have been made to start supporting more in-depth testing for this. Ideal for companies who have a particular compliance need, or want to test and enforce the system hardening levels of their systems.
“Our first priority after this release is getting our documentation improved. Before we had a single very long document, with tried to capture all the important things. If you want people to use your open source project, give them the chance to quickly try it out,” comments Michael Boelen, Lead Developer of Lynis.