this post was submitted on 09 Jun 2025
10 points (91.7% liked)
Cybersecurity
7833 readers
249 users here now
c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.
THE RULES
Instance Rules
- Be respectful. Everyone should feel welcome here.
- No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
- No Ads / Spamming.
- No pornography.
Community Rules
- Idk, keep it semi-professional?
- Nothing illegal. We're all ethical here.
- Rules will be added/redefined as necessary.
If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.
Learn about hacking
Other security-related communities [email protected] [email protected] [email protected] [email protected] [email protected]
Notable mention to [email protected]
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Yes, it's worth using. It's fairly easy to install, as it's almost always packaged, and that makes it easy to use.
But it's not really enough. For example, tools like Lynis usually miss containers.
A modern version of this stuff, I would probably recommend scanning all running containers with something like trivy, and then deploying wazuh on the machines. Wazuh can scan the system for misconfigurations in a similar manner to Lynis, but it is also capable of acting as a central logging server and a few other things.
We use both lynis and wazuh, wazuh is getting replaced with logpoint and Aws inspector.
I now need to check we pickup the lynis log