Security is paramount. Security involves defence in depth. Approaching security one step at a time, with consistency and rigour, you can mitigate threats, and keep intruders at bay.
Intruders use a variety of different techniques in an attempt to compromise a system. For example, systems can be attacked by denial of service, cracking, intrusion, snooping (intercepting the data of another user), or viruses/worms/Trojan horses. To have a secure box, a system therefore needs a variety of defences.
Vulnerability scanning is an essential activity for enterprise security.
Any competent enterprise will have a backbone of security measures including, but not limited to, a firewall, vulnerability scanner, asset-mapping, as well as a dedicated team that performs regular pentesting, an authorized simulated cyberattack on a computer system, performed to evaluate the security of the system.
Recognizing, categorizing and characterizing security holes (known as vulnerabilities) among the network infrastructure, computers, hardware system, and software, etc. is known as Vulnerability Analysis.
Vulnerability scanners, in particular, are critical for ensuring that any threats that may have made it past the firewall are picked up before they can infect and undermine entire networks.
The chart captures our recommendations.
Let’s explore the 8 tools. For each application we have compiled its own portal page, a full description with an in-depth analysis of its features, together with links to relevant resources.
| Vulnerability Detection Tools | |
|---|---|
| Metasploit | Penetration testing framework |
| Nuclei | Fast and customisable vulnerability scanner |
| OpenVAS | Full-featured vulnerability scanner |
| Nikto | Web server scanner |
| Lynis | Auditing, system hardening, compliance testing |
| OSSEC | Centralized architecture for monitoring and managing multiple systems |
| OpenSCAP | NIST Certified SCAP 1.2 toolkit |
| Tiger | Security audit and intrusion detection too |
This article has been revamped in line with our recent announcement.
 Read our complete collection of recommended free and open source software. Our curated compilation covers all categories of software. The software collection forms part of our series of informative articles for Linux enthusiasts. There are hundreds of in-depth reviews, open source alternatives to proprietary software from large corporations like Google, Microsoft, Apple, Adobe, IBM, Cisco, Oracle, and Autodesk. There are also fun things to try, hardware, free programming books and tutorials, and much more. |