

In-depth security auditing and hardening for UNIX-based systems
Lynis performs comprehensive security audits on Linux, macOS, and BSD systems, delivering actionable hardening recommendations and compliance testing for ISO27001, PCI-DSS, and HIPAA.

Lynis is a battle-tested security auditing tool designed for UNIX-based systems including Linux, macOS, and BSD. Running directly on the target system, it performs in-depth security scans to assess defenses, detect vulnerabilities, and provide actionable hardening recommendations. Trusted by thousands of organizations daily, Lynis requires no compilation or installation—simply clone and execute.
System administrators, auditors, security officers, and penetration testers rely on Lynis for automated security assessments. Blue teams use it to strengthen defenses, while red teams leverage it for privilege escalation reconnaissance during penetration tests.
Lynis automates security auditing, compliance testing (ISO27001, PCI-DSS, HIPAA), and vulnerability detection. It assists with configuration management, patch management, system hardening, and intrusion detection. The tool scans for general system information, outdated software packages, and configuration weaknesses, delivering a comprehensive security posture assessment.
Install via native packages for major distributions (Debian, Ubuntu, CentOS, Fedora, RHEL) or run directly from Git with zero dependencies. Written in Shell, Lynis is lightweight, regularly updated, and built on principles of simplicity and transparency.
PCI-DSS Compliance Validation
Auditors scan payment processing servers to identify configuration gaps and generate evidence for quarterly compliance reviews.
Linux Server Hardening
System administrators run Lynis post-deployment to receive prioritized hardening recommendations and reduce attack surface before production.
Vulnerability Assessment in CI/CD
DevOps teams integrate Lynis into build pipelines to detect security misconfigurations and outdated packages before image promotion.
Penetration Testing Reconnaissance
Red teams execute Lynis on compromised systems to enumerate security controls, identify privilege escalation paths, and map defenses.
No. Lynis runs directly from source with no compilation needed. Clone the repository and execute the audit command immediately, or install via native packages for easier updates.
Lynis assists with compliance testing for ISO27001, PCI-DSS, HIPAA, and GDPR by identifying configuration gaps and security weaknesses relevant to these frameworks.
No. Lynis is an auditing tool that provides actionable recommendations and hardening tips. System administrators must manually implement suggested changes.
The open-source version provides full auditing capabilities. The enterprise version adds a web interface, centralized dashboard, reporting, risk-based improvement plans, and commercial support.
Lynis supports UNIX-based systems including Linux distributions (Debian, Ubuntu, CentOS, Fedora, RHEL), macOS, and BSD variants. Windows is not supported.