Because security cannot be guaranteed, you're unlikely to find a tool that can verify that your system is 100% secure. However, there are tools out there that can help you. These tools check whether your OS configuration matches the industry's current best practice and allow you to demonstrate compliance with an accepted security standard. The Center for Internet Security (CIS) is a forerunner at defining consensus best-practice security...
configurations for Internet-connected computers. CIS works with organizations, information security professionals and auditors until they all agree on security configuration specifications that represent a prudent level of due care. Their free Benchmark and Scoring Tools provide a quick and easy way to evaluate your system and compare its level of security against their minimum due care security benchmarks. Various reports show you how to harden both new and active systems while monitoring them to ensure that security settings continuously conform to the configuration specified in the benchmark.
CIS Benchmarks enumerates security configuration settings and actions that "harden" your system. They are unique, not because the settings and actions are unknown, but because consensus among security professionals worldwide has defined these particular configurations. The CIS Level-I Benchmarks set a prudent level of minimum due care, while CIS Level-II Benchmarks vary depending on architecture and server function. The Level-I Benchmark settings can be applied with little security knowledge, as they are unlikely to cause an interruption of service to the operating system or the applications that run on it. However, the CIS Level-II Benchmarks should be used by system administrators who know how to apply them to the operation systems and applications running in their environment.
CIS's benchmark tools for FreeBSD, Linux and Solaris can be downloaded at http://www.cisecurity.org/benchmarks.html. Commercial software tools that check systems for conformity with CIS benchmarks are also available from Altiris. Their SecurityExpressions tools for Solaris, Linux and HP-UX operating systems have been certified by CIS and can be found at http://www.pedestal.com/products/se/.
Dig deeper on Alternative OS security: Mac, Linux, Unix, etc.
Related Q&A from Michael Cobb
A reported 43% of Microsoft XML users are running vulnerable versions of the software. Security expert Michael Cobb discusses how to mitigate the ...continue reading
Security expert Michael Cobb explains what Open Authorization or OAuth 2.0 is, its pros and cons, and how it is different from bring your own ...continue reading
While the fundamentals of securing an e-commerce website haven't changed in a few years, there are new threat vectors and security risks to be aware ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.