Tools compared: Linux vulnerability scanners

Finding the right tool for the job can be difficult task. This sheet compares Lynis, OpenSCAP, OpenVAS, salt-scanner and Vuls.

Tool comparison: Lynis, OpenSCAP, OpenVAS, salt-scanner and Vuls
LynisOpenSCAPOpenVASsalt-scannerVuls
Description

Lynis is a security auditing tool for systems running Linux, macOS, or Unix. It can be used for security assessments and configuration audits.

Tools to assist administrators and auditors with assessment, measurement and enforcement of security baselines

OpenVAS is a framework of several services and tools offering a vulnerability scanning and vulnerability management solution.

Salt-scanner is Linux vulnerability scanner based on Salt Open and Vulners audit API. It has Slack notifications and JIRA integration.

Vuls is a vulnerability scanner for Linux and FreeBSD. It is written in Go, agentless, and can use a remote login to find any software vulnerabilities. It has multiple levels of scanning, from a fast scan up to a deep scan with extensive analysis.

Dependencies
Strenghts

More than 50 contributors, Commercial support available, More than 4000 GitHub stars, Used language is shell script, Very low number of dependencies, Project is mature (10+ years), The source code of this software is available

More than 25 contributors, The source code of this software is available, Supported by a large company

The source code of this software is available, Well-known tool

The source code of this software is available

More than 50 contributors, More than 5000 GitHub stars, The source code of this software is available

Weaknesses

No releases on GitHub available

Programming language(s)

Shell script

C

C

Python

Golang

Last release

2.7.5 (2019-06-24)

1.3.1 (2019-06-13)

7.0.0 (2019-10-11)

Unknown

0.6.0 (2018-11-03)

Tool page (last updated)

2019-06-25

2019-09-11

2019-10-11

2018-04-06

2019-09-05

Tool score

100

88

97

64

85

Download

Download

Download

Download

Download

Download

More information

Lynis review

OpenSCAP review

OpenVAS review

salt-scanner review

Vuls review