DevSec Linux Baseline is an InSpec compliance profile that standardizes and audits Linux system hardening across multiple projects.
DevSec Linux Baseline - InSpec Profile
This tool is used by security professionals and system administrators to perform compliance auditing and risk assessment on Linux systems, ensuring consistent hardening standards. It is ideal for organizations seeking to enforce governance and compliance policies through automated checks.
Requires InSpec to be installed and configured prior to execution. Best practice is to integrate this profile into CI/CD pipelines or automated compliance workflows to maintain consistent Linux hardening standards. The profile is maintained by the Hardening Framework Team and licensed under Apache 2.0.
Clone the repository: git clone https://github.com/dev-sec/linux-baseline
Execute the profile locally using InSpec: inspec exec linux-baseline
Alternatively, run the profile directly from GitHub: inspec exec https://github.com/dev-sec/linux-baselinegit clone https://github.com/dev-sec/linux-baseline
Clones the linux-baseline repository to the local machine
inspec exec linux-baseline
Executes the compliance profile locally using InSpec
inspec exec https://github.com/dev-sec/linux-baseline
Executes the compliance profile directly from the GitHub repository without cloning