Lynis was created in 2006 by Michael Boelen, a Dutch security professional, as an open-source security auditing tool for Unix-based systems. The tool was named after a character in a science fiction novel.
- 2006: First public release of Lynis
- 2007: Growing adoption in the Linux community
- 2008: Introduction of detailed reporting
- 2010: Formation of CISOfy by Michael Boelen
In 2010, Michael Boelen founded CISOfy to provide commercial support, training, and enterprise features around Lynis. This era brought:
- Professional support options
- Lynis Enterprise with centralized management
- Integration with compliance frameworks
- Regular security updates and new tests
| Year |
Version |
Notable Changes |
| 2006 |
1.0 |
Initial release |
| 2010 |
1.4 |
CISOfy formation |
| 2015 |
2.0 |
Major rewrite with improved architecture |
| 2018 |
2.5 |
Enhanced compliance reporting |
| 2020 |
3.0 |
Major release with new features |
- Written in Shell script (POSIX-compliant)
- No compilation required - runs directly
- Extensible test framework
- Detailed logging and reporting
- Security auditing and hardening
- Compliance checking (PCI-DSS, HIPAA, ISO27001)
- System optimization suggestions
- Software vulnerability detection
- Malware scanning integration
¶ Impact and Legacy
Lynis contributions to security auditing:
- Accessible security: Made security auditing accessible to all Linux administrators
- Educational: Helps administrators learn about system security
- Compliance: Assists with compliance requirements
- Community-driven: Benefits from community contributions
Lynis remains actively developed:
- Lynis Community: Free and open-source (GPLv3)
- Lynis Enterprise: Commercial version with central management
- Regular updates: Monthly security database updates
- CI/CD integration: Integrates with automated pipelines
- Docker support: Official Docker images available
- Community Edition: GPL-3.0 (free and open-source)
- Enterprise Edition: Commercial license with additional features