Host/Security Build Review conducts a detailed analysis of the system's security configuration
and implementation, identifying potential vulnerabilities and
weaknesses. This evaluation benchmarks the system against recognised
industry guidelines created by the Centre for Internet Security.
This assessment provides insight into the host's ability to withstand attack from unauthorised users and protect itself against valid users abusing their privileges and access. The main focus is to identify any vulnerability that could be used to compromise the host system or conduct ex-filtration of data.
Tools
https://github.com/CISOfy/lynis
https://github.com/cyberisltd/NixAudit/blob/master/solaris_audit.sh
https://github.com/lateralblast/lunar/
https://github.com/aaron868/security-audit
References
https://www.cyberis.co.uk/2012/07/expect-scripts-to-perform-build-reviews.html
https://www.cisecurity.org/cis-benchmarks/
https://github.com/topics/hardening
This assessment provides insight into the host's ability to withstand attack from unauthorised users and protect itself against valid users abusing their privileges and access. The main focus is to identify any vulnerability that could be used to compromise the host system or conduct ex-filtration of data.
Tools
https://github.com/CISOfy/lynis
https://github.com/cyberisltd/NixAudit/blob/master/solaris_audit.sh
https://github.com/lateralblast/lunar/
https://github.com/aaron868/security-audit
References
https://www.cyberis.co.uk/2012/07/expect-scripts-to-perform-build-reviews.html
https://www.cisecurity.org/cis-benchmarks/
https://github.com/topics/hardening
