Tools compared: Linux vulnerability scanners
Finding the right tool for the job can be difficult task. This sheet compares Lynis, OpenSCAP, OpenVAS, salt-scanner and Vuls.
Lynis is a security auditing tool for systems running Linux, macOS, or Unix. It can be used for security assessments and configuration audits.
Tools to assist administrators and auditors with assessment, measurement and enforcement of security baselines
OpenVAS is a framework of several services and tools offering a vulnerability scanning and vulnerability management solution.
Salt-scanner is Linux vulnerability scanner based on Salt Open and Vulners audit API. It has Slack notifications and JIRA integration.
Vuls is a vulnerability scanner for Linux and FreeBSD. It is written in Go, agentless, and does a remote login to find any software vulnerabilities.
Lynis is an open source security auditing tool that is available since 2007 and created by Michael Boelen. Its primary goal is to evaluate the security defenses of systems running Linux or other flavors of Unix. It provides suggestions to install, configure, or correct any security measures.
The OpenSCAP project provides a wide variety of hardening guides, configuration baselines, and tools to test for vulnerabilities and configuration issues. It uses SCAP as the protocol to store the underlying data.
OpenVAS is an open source vulnerability scanner that emerged from when Nessus became closed source in October of 2005.
|Strenghts||Commercial support available, More than 50 contributors, More than 4000 GitHub stars, Used language is shell script, Very low number of dependencies, Project is mature (5+ years), The source code of this software is available||More than 25 contributors, The source code of this software is available, Supported by a large company||The source code of this software is available, Well-known tool||The source code of this software is available||More than 50 contributors, More than 4000 GitHub stars, The source code of this software is available|
|Weaknesses||No releases on GitHub available|
|Programming language(s)||shell script||C||C||Python||Golang|
|Tool page (last updated)|
|More information||Lynis review||OpenSCAP review||OpenVAS review||salt-scanner review||Vuls review|