Because security cannot be guaranteed, you're unlikely to find a tool that can verify that your system is 100%...
secure. However, there are tools out there that can help you. These tools check whether your OS configuration matches the industry's current best practice and allow you to demonstrate compliance with an accepted security standard. The Center for Internet Security (CIS) is a forerunner at defining consensus best-practice security configurations for Internet-connected computers. CIS works with organizations, information security professionals and auditors until they all agree on security configuration specifications that represent a prudent level of due care. Their free Benchmark and Scoring Tools provide a quick and easy way to evaluate your system and compare its level of security against their minimum due care security benchmarks. Various reports show you how to harden both new and active systems while monitoring them to ensure that security settings continuously conform to the configuration specified in the benchmark.
CIS Benchmarks enumerates security configuration settings and actions that "harden" your system. They are unique, not because the settings and actions are unknown, but because consensus among security professionals worldwide has defined these particular configurations. The CIS Level-I Benchmarks set a prudent level of minimum due care, while CIS Level-II Benchmarks vary depending on architecture and server function. The Level-I Benchmark settings can be applied with little security knowledge, as they are unlikely to cause an interruption of service to the operating system or the applications that run on it. However, the CIS Level-II Benchmarks should be used by system administrators who know how to apply them to the operation systems and applications running in their environment.
CIS's benchmark tools for FreeBSD, Linux and Solaris can be downloaded at http://www.cisecurity.org/benchmarks.html. Commercial software tools that check systems for conformity with CIS benchmarks are also available from Altiris. Their SecurityExpressions tools for Solaris, Linux and HP-UX operating systems have been certified by CIS and can be found at http://www.pedestal.com/products/se/.
Dig Deeper on Alternative operating system security
Related Q&A from Michael Cobb
The development of WPA3 helps advance Wi-Fi protocol, as the next generation of Wi-Fi-enabled devices begins to demand more. Expert Michael Cobb ... Continue Reading
An increase of IoT botnets has been seen since the Mirai malware source code was leaked. Learn how the new variants pose to be a serious threat to ... Continue Reading
Android Pixel vulnerabilities could open the smartphone up to attack. Expert Michael Cobb explains the vulnerabilities and how to defend against them. Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.