Best IT Security Software for Linux - Page 23
View:
Compare the Top IT Security Software for Linux as of May 2026 - Page 23
Sort By:
-
1
Libelle BusinessShadow
Libelle
With our Libelle BusinessShadow solution for disaster recovery and high availability, you can mirror databases and other application systems with a time delay. Your company is thus protected not only from the consequences of hardware and application errors, but also from the consequences of elemental damage, sabotage, or data loss due to human error. Our patented and dynamically adjustable time funnel temporarily stores the change logs before they are mirrored to the standby system. Switching over to this system in the event of an error or even maintenance can thus be carried out with impressive speed and without any fuss. The time funnel temporarily stores logs before they reach the standby system. You can quickly and easily switch to an error-free state. Your data is up to date and consistent, as it does not have to be laboriously reverted from a backup, but is temporarily stored in the time funnel. -
2
Libelle DataMasking
Libelle
Libelle DataMasking (LDM) is a robust, enterprise-grade data masking solution that automates the anonymization of sensitive or personal data—such as names, addresses, dates, emails, IBANs, credit cards—and transforms them into realistic, logically consistent substitutes that maintain referential integrity across SAP and non‑SAP systems, including Oracle, SQL Server, IBM DB2, MySQL, PostgreSQL, SAP HANA, flat files, and cloud databases. Capable of processing up to 200,000 entries per second and supporting parallelized masking for massive datasets, LDM uses a multithreaded architecture to efficiently read, anonymize, and write data back with high performance. It features over 40 built‑in anonymization algorithms—such as number, alphanumeric, date shifting, name, email, IBAN masking, credit card obfuscation, and mapping algorithms—as well as templates for SAP modules (CRM, ERP, FI/CO, HCM, SD, SRM). -
3
Biometric Anti-Fraud (BAF) is a technology stack for intelligent processing, analysis and recognition of images with an application scenario for remote human identification. Technology stack for online identity verification with NIST FRVT top-ranked face biometrics, advanced liveness detection and user session data monitoring for face authentication and identity fraud prevention in digital onboarding and eKYC services.
-
4
Endpoint Security for Endpoint Manager delivers powerful, integrated endpoint protection and unified management from within the familiar Ivanti console. It combines passive visibility, discovering and inventorying every IP-enabled device and installed software in real time, including rogue devices, with active control features such as application whitelisting, device control (USB/media lockdown and detailed copy logs) and antivirus orchestration (Ivanti AV or third-party engines) to detect and prevent threats before they spread. Automated patch management covers Windows, macOS, Linux, and third-party applications across on-site, remote, and offline devices, ensuring systems stay up to date without impacting users. When malware or ransomware does get through, the solution’s auto-isolation and remote-control capabilities contain infections instantly, kill malicious processes, notify connected machines, and remediate or reimage compromised endpoints.
-
5
Altered Security
Altered Security
Altered Security offers a hands-on cybersecurity education platform featuring Red Team labs, cyber ranges, bootcamps, and certifications designed for Active Directory, Azure, and enterprise security. Through self-paced on-demand labs and in-person sessions, participants gain access to realistic, fully patched environments along with preconfigured VMs, detailed video courses (11–14+ hours), lab manuals, walk-through videos, and instructor support. Courses such as Certified Red Team Professional (CRTP), Certified Red Team Expert (CRTE), and AD CS Attacks cover topics including enumeration, privilege escalation, Kerberos, certificate-based attacks, lateral movement, hybrid Azure-PHF, and cloud persistence. Labs simulate enterprise networks with multiple domains and forests, guiding learners from non‑admin starts to enterprise admin compromise, and include exam attempts for industry-recognized certifications. -
6
IriCore
Iritech, Inc.
IriCore is the next generation of IriTech’s IrisSDK, delivering dramatically improved accuracy and matching speed through a new, compact template format optimized for network transmission and smart‑card storage. It incorporates industry‑leading iris‑recognition algorithms rigorously tested in NIST’s ICE and IREX evaluations and supports modern ISO image formats. IriCore runs seamlessly and reads and writes common industrial image formats such as BMP, JPG, JP2, and PNG. An optional module enables it to detect and adapt to images from either IriTech cameras or third‑party devices, while built‑in compression and decompression capabilities handle both lossy (JPG, JP2) and lossless (PNG) formats. Fully compliant with ISO 19794-6 and pre‑qualified for upcoming standards, including rectilinear, cropped, and ROI‑masked formats, it offers a robust, future‑proof SDK for end‑to‑end iris capture and matching solutions. -
7
IriCoreLite
Iritech, Inc.
IriCoreLite is an iris recognition library that provides a comprehensive set of application programming interfaces and functions for developers and system integrators to build iris recognition–based applications. It is specifically designed for large‑scale iris identification deployments on PCs and enterprise systems using IriTech’s iris scanners. The library incorporates highly accurate iris segmentation for feature extraction based on variable multi‑sector analysis and non‑linear segmentation, a robust image enhancer to handle varying illumination levels and obstructions, and a powerful occlusion detection algorithm to remove eyelids and eyelashes. Its fast and accurate matching algorithm is optimized for large databases, while a strong image quality assessment component ensures reliable input. IriCoreLite’s algorithms have been rigorously evaluated in NIST tests and proven across public databases. -
8
IriMaster
Iritech, Inc.
IriMaster is IriTech’s state‑of‑the‑art middleware server software providing a complete set of iris recognition functions, including enrollment, verification, identification, and de‑duplication, powered by advanced algorithms. Designed for seamless integration into legacy enterprise infrastructures, it addresses the demands of large‑scale biometric systems such as national ID programs, customs and border control, and access control. As a middleware component, IriMaster supports secure transactions and data exchange using SSL and WS‑Security standards, and ensures device‑level encryption via a PKI‑based security infrastructure. Its Web Service API enables scalable, service‑oriented deployments, supporting clients in Java, .NET, or web applications. The software delivers high availability through application server clustering and hardware redundancy, and scales from single‑PC setups to distributed server networks with load balancers. -
9
Koi
Koi Security
Koi is a software supply chain security platform that helps organizations track, govern, and control installations across every endpoint. From browser extensions to IDE plug-ins, CI/CD tools, and AI models, Koi secures the blind spots where attackers often gain entry. Its Wings™ technology goes beyond surface scans by analyzing actual code for secrets, vulnerabilities, and malware while continuously updating risk scores. Koi combines marketplace scanning, publisher reputation intelligence, and dynamic code analysis to deliver real-time visibility and control. With features like automated approvals, preventive policies, and detailed risk reports, teams can block unsafe installs without slowing down adoption of safe tools. By making every install transparent and governable, Koi ensures enterprises can safely harness the full power of their software ecosystem. -
10
Astra API Security Platform
Astra Security
Astra is a powerful API security platform designed to discover, test, and protect every API across your infrastructure. It continuously scans for over 10,000 vulnerabilities, including the OWASP API Top 10, data leaks, and authorization flaws. With Astra, teams can detect Shadow, Zombie, and Orphan APIs, identify sensitive data exposures, and fix vulnerabilities before attackers exploit them. The platform combines automated scanning with manual penetration testing from certified experts to deliver enterprise-grade protection. Seamless integrations with AWS, GCP, Postman, and CI/CD tools make security part of your DevOps workflow. Trusted by over 1,000 engineering teams, Astra empowers businesses to secure their APIs continuously and confidently.Starting Price: $499/month -
11
VeriEye SDK
Neurotechnology
VeriEye SDK delivers advanced iris identification for secure stand-alone and client-server biometric applications. Built for developers and system integrators, it offers fast and accurate matching validated through NIST IREX evaluations. Its proprietary algorithm segments & recognises irises in difficult conditions, including partial eyelid obstruction and varied lighting. Adaptive shape modelling ensures precise boundary detection even when iris contours differ from perfect circles or ellipses. Liveness detection protects systems from spoofing attempts using photos or patterned contact lenses, while automatic left and right iris separation streamlines processing. Image quality checks ensure only high-grade templates are stored, supporting dependable 1-to-1 and 1-to-many performance. The SDK runs on Windows, Linux, macOS, iOS and Android, and provides programming support in C/C++, C#, VB .NET, Java and Python, offering a flexible and well-supported platform for modern biometrics.Starting Price: €339.00 -
12
Mondoo
Mondoo
Mondoo is a unified security and compliance platform designed to drastically reduce business-critical vulnerabilities by combining full-stack asset visibility, risk prioritization, and agentic remediation. It builds a complete inventory of every asset, cloud, on-premises, SaaS, endpoints, network devices, and developer pipelines, and continuously assesses configurations, exposures, and interdependencies. It then applies business context (such as asset criticality, exploitability, and policy deviation) to score and highlight the most urgent risks. Users can choose guided remediation (pre-tested code snippets and playbooks) or autonomous remediation via orchestration pipelines, with tracking, ticket creation, and verification built in. Mondoo supports ingestion of third-party findings, integrates with DevSecOps toolchains (CI/CD, IaC, container registries), and includes 300 + compliance frameworks and benchmark templates. -
13
Corma
Corma
Corma is a unified license and access governance platform built for modern IT teams. It helps organizations manage software spend, identity access, and security from a single, centralized system. Corma provides full visibility into all SaaS applications, users, and permissions across the IT stack. The platform uses AI-powered agents to automate onboarding, offboarding, and access reviews with zero manual effort. Corma enables least-privilege access enforcement and simplifies compliance with standards like ISO 27001 and SOC 2. It also helps reduce software costs by identifying unused licenses and preventing surprise renewals. With fast setup and automation-first workflows, Corma allows teams to go live in minutes. -
14
nono
Always Further
nono is an open source, kernel-enforced sandbox for AI coding agents and LLM workloads. Unlike policy-based guardrails that intercept and filter operations, nono uses OS security primitives — Landlock on Linux and Seatbelt on macOS — to make unauthorised operations structurally impossible at the syscall level. Wrap any AI agent — Claude Code, OpenCode, OpenClaw, or any CLI process — with a single command. nono applies default-deny filesystem access, blocks destructive commands (rm, dd, chmod, sudo), isolates credentials and API keys, and cascades all restrictions to child processes. No escape mechanism exists once restrictions are applied. Built-in profiles get you running in seconds. Secrets inject securely from the system keystore and are zeroised on exit. Audit logging, atomic rollbacks, and Sigstore-attested policy signing are on the roadmap. Apache 2.0. From the creator of Sigstore. -
15
Strike48
Strike48
Strike48 is the Agentic Operations Platform combining complete log visibility with customizable AI agents that run security, IT, and compliance operations at machine speed. Most organizations monitor only about 60-70% of their environment because traditional SIEM and observability platforms make full log coverage cost-prohibitive. Strike48 closes that visibility gap with architecture that decouples storage from upfront parsing decisions, letting teams ingest and retain all their logs without breaking budgets. Bring your logs or query them where they already live (Splunk, data lakes, cloud, on-prem), no rip-and-replace required. On top of that unified data layer, Strike48 deploys autonomous AI agents that run investigations, correlate and triage alerts, collect evidence, generate and validate detection rules, and hand work off to each other. A human-in-the-loop model ensures people approve critical actions like endpoint isolation and remediation, with full audit trails. -
16
Scalefusion OneIdP
Scalefusion OneIdP
Scalefusion OneIdP is a Zero Trust access solution that brings together Identity & Access Management (IAM), Single Sign-On (SSO), Multi-Factor Authentication (MFA), Conditional Access, Just-In-Time (JIT) admin access, and more into a single platform. It secures every access request by combining identity verification with real-time device posture checks, ensuring only verified users on compliant devices can access critical resources. With centralized user lifecycle management, automated provisioning, and unified policy controls. OneIdP simplifies onboarding, strengthens access governance, and reduces IT overhead, while delivering a consistent, secure login experience across enterprises. -
17
UPX
UPX Cybersecurity
UPX (Ultimate Packer for eXecutables) is a high-performance executable compression tool designed to reduce the size of programs and libraries without affecting their functionality or performance. It works by compressing executable files such as EXE, DLL, and other formats across multiple operating systems, including Windows, Linux, and macOS, typically reducing file sizes by 50% to 70%, which helps decrease disk usage, download times, and network load. The compressed executables remain fully self-contained and run exactly as before, as it automatically decompress at runtime without requiring additional dependencies or noticeable memory overhead. UPX uses efficient lossless compression algorithms and supports in-place decompression, allowing programs to execute directly from memory while preserving speed and behavior. It is designed to be secure and transparent, as its open-source nature allows antivirus and security tools to inspect compressed files without obstruction. -
18
Snow Software
Snow Software
We have brought together software asset management, cloud management and SaaS management so you can fully optimize all of your technology in one platform that seamlessly integrates with your enterprise ecosystem. Clearly see, understand and manage your entire technology landscape, both on-prem and in the cloud. Maximize the value of your technology investments with deep insights into usage, spend and vulnerabilities. Get the perspective and automation you need to anticipate and align with the rapidly evolving needs of your business. Fast implementation and intuitive design means you are saving money in weeks, not months. Break down your data silos to see on-prem, hybrid and cloud technologies together. Get clean and augmented data, updated daily and powered by the world's largest discovery catalog. Recommendations and self-service drive value, save time and increase productivity. -
19
OX Guard
Open-Xchange
Security and data privacy is a growing concern. Today, both business users and consumers demand more privacy, without adding complexity to their daily tasks. OX Guard was designed specifically with this in mind. This PGP based security add-on for OX App Suite, integrates seamlessly into our existing email app, letting users encrypt and decrypt emails and files easily. There is a growing demand for privacy from users, while at the same time, they are concerned about increased complexity and reduced usability. OX Guard was designed to satisfy these concerns. An easy to use wizard lets users set up OX Guard quickly, with no additional security know-how. After set up users are able to encrypt and decrypt emails and files with just one click, integrating security seamlessly into day-to-day user workflows. -
20
Siwenoid
Siwena
SIWENOID is a JAVA application and runs under Windows, Linux or Mac OS X. It is flexible, reliable, user, and engineer friendly. SIWENOID can integrate many types of subsystems and unify the operation of all. Supports SIEMENS, Bosch, Dahua, Texecom, Paradox systems and many more. Control everything on one (or more) screen with a unified user interface for every subsystem. Siwenoid is built on open-source foundations to keep the cost of the product lower. To keep up with the constant firmware updates of the compatible systems we rely on flexibility. Main goal of the software is to minimize the latency on interconnecting and handling different protocols. Siwenoid can be configured in operation while the subsystems are working. SIWENOID is an OS-independent JAVA application. It is a flexible, reliable, user- and engineer-friendly, scalable, and cost-effective solution. -
21
Eddie
Eddie
Eddie is a high availability clustering tool. It is an open source, 100% software solution written primarily in the functional programming language Erlang (www.erlang.org) and is available for Solaris, Linux and *BSD. At each site, certain servers are designated as Front End Servers. These servers are responsible for controlling and distributing incoming traffic across designated Back End Servers, and tracking the availability of Back End Web Servers within the site. Back End Servers may support a range of Web servers, including Apache. The Enhanced DNS server which provides load balancing and monitoring of site accessibility for geographically distributed web sites. This gives round the clock access to the entire available capacity of the web site, no matter where it is located." The Eddie white papers describe the need for products such as Eddie, and outlines the Eddie approach. -
22
Clari5
Clari5 (CustomerXPs)
Category leaders for Enterprise Fraud Risk Management Systems and Anti-Money Laundering Systems, winner of premier global acclaim for product innovation and featured consistently in global risktech and regtech top 100 rankings, Clari5 redefines real-time, cross-channel Financial Crime Risk Management using a 'central nervous system' approach to help banks combat financial crime. Clari5 uses a ‘human brain like’ approach by synthesizing enterprise-wide intelligence and delivering precise contextual insights in extreme real-time, within the short transaction window, for necessary interventions. Clari5 is a bolt-on system, requires no replacement and features a compact implementation cycle with extremely quick ROI. Harnessing the combined power of Automation, AI, ML, Decision Sciences & Real-time Decisions, Clari5 is today processing over 10 bn transactions and is managing over 500 mn accounts. Marquee banks in 15 countries trust Clari5 to power their fraud risk management strategy. With -
23
RollBack Rx Server
Horizon Datasys
RollBack Rx Server Edition is a robust Windows Server backup and restores utility that enables IT, professionals, an instant backup capability that can quickly restore mission-critical systems back to any number of multiple restore points with unrivaled speeds. RollBack Rx Server Edition makes it quick and easy to safely sandbox updates and service patches with a failsafe approach to system recovery. RollBack Rx Server Edition offers unrivaled background protection and real-time recovery speeds. This allows you to store a locally backed-up sector-map repository of complete multiple instances (or “snapshots”) of the server state. These snapshots can be scheduled to occur at intervals you specify — as frequently as every minute — and can number many thousands. This continual snapshot-taking can be set to occur in the background with no perceptible impact on day-to-day server response times. -
24
Red Hat Virtualization
Red Hat
Red Hat® Virtualization is an enterprise virtualization platform that supports key virtualization workloads including resource-intensive and critical applications, built on Red Hat Enterprise Linux® and KVM and fully supported by Red Hat. Virtualize your resources, processes, and applications with a stable foundation for a cloud-native and containerized future. Automate, manage, and modernize your virtualization workloads. Whether automating daily operations or managing your VMs in Red Hat OpenShift, Red Hat Virtualization uses the Linux® skills your team knows and will build upon for future business needs. Built on an ecosystem of platform and partner solutions and integrated with Red Hat Enterprise Linux, Red Hat Ansible Automation Platform, Red Hat OpenStack® Platform, and Red Hat OpenShift to improve overall IT productivity and drive a higher return on investment. -
25
Digital.ai Application Protection
Digital.ai
Our proprietary protection capabilities shield apps from reverse engineering, tampering, API exploits, and other attacks that can put your business, your customers, and your bottom line at risk. Obfuscates source code, inserts honeypots, and implements other deceptive code patterns to deter and confuse threat actors. Triggers defensive measures automatically if suspicious activity is detected, including app shutdown, user sandbox, or code self-repair. Injects essential app code protections and threat detection sensors into CI/CD cycle after code development, without disrupting the DevOps process. Encrypts static or dynamic keys and data embedded or contained within app code. Protects sensitive data at rest within an app or in transit between the app and server. Supports all major cryptographic algorithms and modes with FIPS 140-2 certification. -
26
OSE
Open Seas
Once hacked, compromised organizations face huge barriers to rebuilding customer trust and brand reputation. OSE detects & alerts to attacks on your critical systems as they occur so you can stop them before damage is done to your organization's IP, brand and reputation with the ensuing loss of customer trust. OSE provides an audit of an attack listing what was changed, what it was before making it quick to resolve. OSE reporting helps with ISO 27000 compliance. OSE (Operating system Security Enforcer) implements your defined Security Policy which can either be an out of the box OSE standard or your personalized version. Rolling-out & apply the security policy on all Unix, Linux & Windows corporate servers. The Autonomous OSE Agent is permanently located on a Unix/Linux server. It is persistent, even in case of network failure. It can also group a set of servers monitored by OSE Agents. -
27
DERMALOG Biometric Software
DERMALOG Identification Systems
The world's fastest and most accurate software. DERMALOG high-speed identification software provides a crucial contribution to prevent identity fraud. It is continuously improved to guarantee reliable products. The software traces identities and duplicates of biometric documents such as national IDs, ePassports, for instance in border control, voters and refugee registration. DERMALOG offers scalable and customizable software that allows performing a wide variety of tasks for processing, editing, searching, retrieving and storing biometric templates and subject records. In addition to the DERMALOG fingerprint technology the German innovation leader presents multi-modal biometric systems which can combine fingerprint identification with an iris or face modality. DERMALOG provides the world's fastest Fingerprint matching. DERMALOG Face Identification provides highest accuracy and speed. DERMALOG Palm Identification for effective crime solving. -
28
Liquid Web
Liquid Web
Fully managed web hosting. We provide you with an unrivaled hosting experience, delivering 99.999% uptime & 24/7 access to the Most Helpful Humans in Hosting. High performance managed web hosting infrastructure to power your site or app. Custom-built server clusters for your most demanding projects. Simple hosting optimized for popular apps. We’ll manage everything so you don’t have to. Not every project is created equal, so why should every hosting plan? At Liquid Web, we specialize in understanding your goals and engineering a tailored solution that helps you reach your business goals faster. We’re here to help you figure out the hosting solution that best matches the needs of your project, including designing a custom, multi-server platform. Multi-server environments with managed file replication options to ensure uptime. Hosted VMware environments with transparent pricing and no per-VM fees. -
29
SmartSearch
SmartSearch
SmartSearch is here to make AML, KYC and Identity Verification compliance easy. The most comprehensive features from an AML Provider. By simply entering the individual’s name, address and date of birth, SmartSearch will complete a full AML/KYC check - including automatic worldwide Sanction and PEP screening - giving you a clear pass or refer result in a matter of seconds. International verification is challenging due to regulatory, cultural and technological differences between countries. But thanks to our unique ability to integrate multiple data sources, we can verify international individuals and businesses. After initial AML/KYC checks have been completed, we continue to monitor all clients daily, alerting you if their Sanctions or PEP status changes. We can also complete retrospective checks on clients to ensure your firm remains compliant at all times. -
30
Intelligent Threat Detection. Faster Response. 98% of all threats start with Active Directory and nearly always involve the compromise of data stored on enterprise data stores. Our unique combination of detailed auditing, anomaly detection, real time alerting, and real time data discovery and classification allows you to identify, prioritize and investigate threats - fast. Protect Sensitive Data from Rogue Users and Compromised User Accounts. We enable you to detect and investigate threats to your most sensitive data in ways no other vendor can. Bringing together data discovery and classification with threat detection enables you to investigate all events, changes, actions and anomalies with context. End to end visibility of Active Directory, Group Policy, File Servers, Office 365, NetApp, SharePoint, Box, Dropbox and more. Detect and Respond to Security Threats 10x Faster. Investigate threats as they emerge in Active Directory and track movement
