re: Introduction to Linux Hardening VIEW POST

FULL DISCUSSION
 

Also of note, automating these sorts of checks are a lot easier than you'd expect. There's InSpec and the Linux baseline profile already built for it, and you can pretty easily write your own. No agent, nothing on the target server(s) except SSH and some basic tools that are probably already installed.

Blew my mind the first time I saw I could run a report and iterate through a fleet of servers with it.

 

I knew about automatization (mostly for monitoring purpose) but I didn't know about InSpec! I will give it a try, thanks!

code of conduct - report abuse