Profile

Cover photo
42 followers|18,375 views
AboutPostsPhotosVideos

Stream

CISOfy

Shared publicly  - 
 
Security auditing tool Lynis won another InfoWorld Bossie award! A great honor to receive this kind of recognition. http://www.infoworld.com/article/3121251/open-source-tools/bossie-awards-2016-the-best-open-source-networking-and-security-software.html#slide13
InfoWorld's top picks among open source tools for connecting devices and securing those devices and connections
1
Add a comment...

CISOfy

Shared publicly  - 
 
When should you do a penetration test on your environment? https://linux-audit.com/when-should-you-do-a-penetration-test/
Penetration Testing and Linux The information security field is filled with all kind of tests and assessments. One of them is the penetration test, also abbreviated to pentest or pen test. Last years, many security consultancy firms offer this test as part of their security services. So what is it really and when should you undergo a penetration test? Continue reading! What is a pentest? The short question to what a penetration is: a hack attack ...
1
Add a comment...

CISOfy

Shared publicly  - 
 
Based on a real question we received: how much system hardening is enough?
https://linux-audit.com/how-much-system-hardening-should-you-do/

1
Add a comment...

CISOfy

Shared publicly  - 
 
When was the last time you used sysctl to tune the kernel? Did you know you can use regular expressions to gather specific keys? Read more: https://linux-audit.com/linux-hardening-with-sysctl/
Sysctl Hardening The GNU/Linux kernel powers a lot of systems, from big mainframes to the Android device in your pocket. If you want to achieve more security on your Linux systems, it would make sense to start hardening there, right? While improving security of the kernel looks easy at first sight, there is more to it than initially meets the eye. In this guide we have a look at the kernel and a common interface called sysctl. Why Invest Time [...
1
1
Add a comment...

CISOfy

Shared publicly  - 
 
Finding the installed compilers on your Linux system is not that easy. Here is how to do it: http://linux-audit.com/audit-installed-compilers-and-their-packages/
1
1
Add a comment...

CISOfy

Shared publicly  - 
 
Thanks for voting! Lynis achieved a 2nd place in the 2015 Top Security Tools by @toolswatch readers - http://www.toolswatch.org/2016/02/2015-top-security-tools-as-voted-by-toolswatch-org-readers/
1
Add a comment...

CISOfy

Shared publicly  - 
Just patching software packages is not enough. We cover a few utilities which help you to determine which processes need a restart to complete software patch management.
1
1
Add a comment...

CISOfy

Shared publicly  - 
 
Open source software needs marketing as well https://linux-audit.com/how-to-promote-your-open-source-project/
Open source development is fun. Getting noticed between thousands of other projects is harder. We have a look at how to promote your open source project and get more users.
1
1
Add a comment...

CISOfy

Shared publicly  - 
 
The pseudo-filesystem /proc contains a lot of useful information for the system administrator. With the hidepid option we can restrict what users can see.
1
2
Add a comment...

CISOfy

Shared publicly  - 
 
Lynis 2.3.0 now available (GitHub, DEB/RPM, or download). A good time to audit your systems again: https://cisofy.com/documentation/lynis/get-started/
1
3
Add a comment...

CISOfy

Shared publicly  - 
 
As a security firm, it was about time for our blog to make the jump to HTTPS with Let's Encrypt and enable the new HTTP/2 protocol: https://linux-audit.com/blog-migrated-to-https-and-http2/
Our blog is about Linux security, so one day it had to be migrated to HTTPS. Last weekend that migration (finally) happened. After a few days of testing, it is now live with the following options: HTTPS by default New HTTP/2 protocol Available via IPv4 and IPv6 Caching Before, we had our blog running with Pound and a Varnish cache. We also optimized these two software packages for both performance and security. With those gone, a lot of optimizat...
1
1
Add a comment...

CISOfy

Shared publicly  - 
 
Understanding Linux Privilege Escalation and Defending Against It - http://linux-audit.com/understanding-linux-privilege-escalation-and-defending-against-it/
Linux Privilege Escalation How it works, and what steps you can take to protect yourself Privilege escalation in another term for the elevation of permissions, of a normal user. This means that a normal user on Linux can become root, or get the same permissions as root. This can be authorized usage, with the use of the su or sudo command. It can also be unauthorized, for example when an attacker gains too many permissions. In this case often with...
1
Add a comment...
Story
Tagline
System Auditing, Hardening, Compliance
Introduction
Simplified security for business running Linux and UNIX-based systems. We created the Lynis Enterprise suite to help companies audit their systems, and stay compliant with security standards.
Links
Contact Information
Contact info
Phone
+31202260055
Email
Address
De Klok 28 5251DN, Vlijmen The Netherlands