Cybersecurity

7702 readers

78 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !securitynews@infosec.pub !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

founded 2 years ago

MODERATORS

kid@sh.itjust.works

Lanky_Pomegranate530@midwest.social

Is Lynis (audit tool) worth using in 2025? (lemmy.ml)

submitted 3 weeks ago* (last edited 3 weeks ago) by OhVenus_Baby@lemmy.ml to c/cybersecurity@sh.itjust.works

2 comments fedilink hide all child comments

The tool Lynis is an auditing tool used to audit Unix systems. Is it still relevant? Worth using?

It used to be fairly widely used years ago. Is it still worth its salt or are there other better options? Do you guys think it's needed at all with common sense now days.

top 2 comments

sorted by: hot top controversial new old

[–] moonpiedumplings@programming.dev 5 points 3 weeks ago (1 children)

Yes, it's worth using. It's fairly easy to install, as it's almost always packaged, and that makes it easy to use.

But it's not really enough. For example, tools like Lynis usually miss containers.

A modern version of this stuff, I would probably recommend scanning all running containers with something like trivy, and then deploying wazuh on the machines. Wazuh can scan the system for misconfigurations in a similar manner to Lynis, but it is also capable of acting as a central logging server and a few other things.

[–] mhzawadi@lemmy.horwood.cloud 0 points 3 weeks ago

We use both lynis and wazuh, wazuh is getting replaced with logpoint and Aws inspector.

I now need to check we pickup the lynis log