The short-term roadmap consists of finishing the web interface, followed by the presenting and supporting documents. This will include documentation, checklists, control overviews and materials for system administrators, security professionals and auditors in particular. This will be followed by the plugins and related services. In the meantime, CISOfy will heavily support the development of the existing Lynis tool, as it is the basis of the enterprise solution. Michael mentions that Lynis is already being used by thousands of people responsible for keeping their systems secure.
A key tenet for Lynis is proper information gathering and vulnerability determination/analysis in order to provide users with the best advice regarding system hardening. Lynis will ultimately provide not only auditing functionality but also monitoring and control mechanisms; remember the above-mentioned preventative and detective controls? For monitoring, there will be a clear dashboard to review the environment for expected and unexpected changes, with a light touch for system administrators and integration with existing SIEM or configuration management tools. The goal is to leverage existing solutions and not reinvent the wheel.
One other significant advantage of Lynis is how lightweight and easy to implement it is. The requirements to run the tool are almost non-existent and it is, of course, open source, allowing ready inspection and assurances that it’s not overly intrusive. Michael intends to provide the supporting tools (such as the management interface) as a Software-as-a-Service (SaaS) solution, but he did indicate that, depending on customer feedback and need, CISOfy might consider appliances at a later stage.
FIGURE 1: Lynis kicking off
- warning=AUTH-9216|M|grpck binary found errors in one or more group files|
- warning=FIRE-4512|L|iptables module(s) loaded, but no rules active|
- warning=SSH-7412|M|Root can directly login via SSH|
- warning=PHP-2372|M|PHP option expose_php is possibly turned on, which can reveal useful information for attackers.|
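An added example (not part of the original article or of Lynis itself) showing how warning lines in the format quoted above could be turned into structured events for the SIEM integration mentioned earlier. The severity labels assigned to the second field, the `host` value and the function names are assumptions.

```python
import json
import re

# The four warning lines quoted above, plus one constructed malformed line.
SAMPLE = """\
- warning=AUTH-9216|M|grpck binary found errors in one or more group files|
- warning=FIRE-4512|L|iptables module(s) loaded, but no rules active|
- warning=SSH-7412|M|Root can directly login via SSH|
- warning=PHP-2372|M|PHP option expose_php is possibly turned on, which can reveal useful information for attackers.|
- warning=BROKEN-LINE-without-fields
"""

# Assumption: the second field is a severity code; labels and ranks are ours.
SEVERITY = {"H": ("high", 3), "M": ("medium", 2), "L": ("low", 1)}
# Optional list marker, then warning=<TEST-ID>|<code>|<message>|
LINE_RE = re.compile(r"^(?:-\s*)?warning=([A-Z]+-\d+)\|([A-Z])\|(.*?)\|?\s*$")

def parse_warnings(text, host="unknown"):
    """Return (events, rejected): structured warnings and unparsable lines."""
    events, rejected = [], []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = LINE_RE.match(line)
        if not m or m.group(2) not in SEVERITY:
            rejected.append(raw)  # keep for review, never drop silently
            continue
        test_id, code, message = m.groups()
        label, rank = SEVERITY[code]
        events.append({
            "host": host, "source": "lynis", "test_id": test_id,
            "category": test_id.split("-")[0],  # e.g. AUTH, FIRE, SSH, PHP
            "severity": label, "severity_rank": rank, "message": message,
        })
    # Highest severity first; the stable sort keeps report order within a level.
    events.sort(key=lambda e: -e["severity_rank"])
    return events, rejected

def to_json_lines(events):
    """One JSON object per line, a shape most log shippers can ingest."""
    return "\n".join(json.dumps(e, sort_keys=True) for e in events)

if __name__ == "__main__":
    evts, bad = parse_warnings(SAMPLE, host="example-host")
    print(to_json_lines(evts))
    print(f"{len(bad)} line(s) rejected")
```

Rejected lines are returned rather than discarded so that a change in the report format shows up as a parsing gap instead of a silent loss of findings.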
FIGURE 2: Lynis suggests how the Samurai might harden his foo
FIGURE 3: The end of a verbose Lynis run