Vulnerability management
Cloud and dedicated servers
We recommend scanning servers for vulnerabilities.To do this, you can use network vulnerability scanners or software agents on hosts.
Network scanners check hosts that are accessible over the network, and some scanners also support authentication configuration for more accurate analysis.
You can use free online scanners:
An example of a free scanner that runs as an agent on hosts is Wazuh.To run the scanner on each host, install:
- Wazuh shared server — more details in the Wazuh Quickstart documentation article;
- Wazuh agents — read more in the Wazuh agent article of the Wazuh documentation.
You can create a cloud server with a ready-made Wazuh application.
On Linux servers, you can also use Lynis, a security auditing and compliance tool at the host level.Lynis secures the operating system and applications by checking configurations, access rights, vulnerabilities and outdated packages, firewall settings, and critical system parameters.
On cloud servers, scanners can be installed as custom images.