Hardening you Linux and BSD based systems is an important job. Lynis can help you with this! I use Ubuntu 16.04 on my workstation and server, so I you use another on Linux, BSD or macOS based system, you maybe have to change some instructions.
Lynis is an open source security and hardening tool for system administrators, auditors and researchers. With integrated compliance testing for, for example, HIPAA, ISO27001 and PCI DSS, Lynis makes a great tool for compliance auditors. Especially when you combine this with Lynis Enterprise for reporting, monitoring and tips for a complaint and secure systems. Lynis can run on most GNU/Linux and BSD based operating systems. It is completely written in shell and it is GPLv3 licensed.