Vulnerability management
Cloud and dedicated servers
We recommend scanning servers for vulnerabilities. This can be done using network vulnerability scanners or software agents on hosts.
Network scanners check hosts that are accessible over the network, and some scanners also support authentication configuration for more accurate analysis.
Examples of free network scanners:
An example of a free scanner that works as an agent on hosts — Wazuh. To run the scanner on each host set up a shared Wazuh server and Wazuh agents. You can create a cloud server with a ready-made Wazuh application.
On Linux servers, you can also use Lynis — a security auditing and compliance tool at the host level. Lynis ensures operating system and application security by checking configurations, permissions, vulnerabilities and outdated packages, firewall settings, and critical system parameters.
On cloud servers, scanners can be installed in the form of own images.