Best IT Security Software for Linux - Page 23

Compare the Top IT Security Software for Linux as of June 2026 - Page 23

  • 1
    Sysgem Logfile Concentrator
    Sysgem's Logfile Concentrator is a comprehensive Windows-based tool designed to integrate streams of log file data from multiple sources into a single centralized location. It collects log data from remote multi-platform servers and end devices, storing them in a central database for analysis and regulatory-compliant archiving. Key features include automated archiving and reporting, customizable record displays, advanced querying, audit trail, and compliance management, as well as intelligent alarms and real-time alerts. The platform offers a user-customizable display for real-time record monitoring and provides a full web browser interface for remote access. Additionally, it supports common ODBC databases such as MS SQL, Oracle, and MS Access. As part of the Sysgem product family, Logfile Concentrator can function as a standalone solution or complement the Sysgem Enterprise Manager (SEM).
  • 2
    alphaMountain Threat Intelligence APIs and Feeds
    alphaMountain’s domain and IP threat intelligence powers many of the world’s leading cybersecurity solutions. High-fidelity threat feeds are updated hourly with fresh URL classification, threat ratings and actionable intelligence on over 2 billion hosts including domains and IP addresses. KEY BENEFITS: Get high-fidelity URL classification and threat ratings for any URL from 1.00 to 10.0. Receive fresh categorization and threat ratings updated every hour, syndicated via API or threat feed. See threat factors and other intelligence contributing to threat verdicts. USE CASES: Use threat feeds in your network security products such as secure web gateway, secure email gateway or next-generation firewall. Call the alphaMountain API from your SIEM to investigate threats or from your SOAR to automate responses such as blocking and policy updates. Detect if a URL is suspicious, contains malware, is a phishing site and which of 89 content categories the site belongs to.
    Starting Price: $300/month
  • 3
    Orchid Security

    Orchid Security

    Orchid Security utilizes a passive listening service to continuously discover self-hosted applications (those that you manage/maintain) and SaaS applications (developed and maintained by others), providing you with a comprehensive inventory of your enterprise applications, along with their key identity characteristics (e.g. MFA enforcement, rogue or orphaned accounts, RBAC privilege data). Orchid Security leverages advanced AI analytics to automatically assess the identity technologies, protocols, and native authentication/authorization flows for each application. Identity controls are compared against privacy regulations, cyber security frameworks, and identity best practices (e.g. PCI DSS, HIPAA, SOX, GDPR, CMMC, NIST CSF, ISO 27001, SOC2) to detect potential exposure in cyber security posture and compliance coverage. Orchid Security goes beyond providing visibility into weaknesses, enabling organizations to remediate those weaknesses quickly and effectively without recoding.
  • 4
    1Password Extended Access Management (XAM)
    1Password Extended Access Management (XAM) is a security solution designed to safeguard every login across applications and devices, making it ideal for hybrid work environments. It combines user identity verification, device trust assessments, enterprise password management, and application insights to ensure that only authorized users on secure devices can access both approved and unapproved applications. By providing IT and security teams with visibility into app usage, including shadow IT, XAM enables organizations to enforce contextual access policies based on real-time risk signals like device compliance and credential integrity. With its zero-trust approach, XAM helps businesses move beyond traditional identity management, strengthening security in today’s SaaS-driven workplace.
  • 5
    Keep Aware

    Keep Aware

    Keep Aware is an enterprise browser security platform designed to provide comprehensive protection against browser-based threats without disrupting user workflows. By integrating directly into existing browsers such as Chrome, Edge, and Firefox, and various AI browsers, it offers real-time visibility and control over browser activities, enabling security teams to monitor page visits, extension events, and data transfers. The platform features advanced threat prevention capabilities, including blocking zero-day phishing attempts, malware, and identity attacks through real-time detection and prevention mechanisms. Keep Aware also offers out-of-the-box security profiles for immediate deployment, allowing organizations to enforce web policies and prevent data leaks effectively. Its lightweight architecture ensures minimal impact on system performance, and centralized management provides unified security controls across all browsers within the organization.
  • 6
    DataBahn

    DataBahn

    DataBahn.ai is redefining how enterprises manage the explosion of security and operational data in the AI era. Our AI-powered data pipeline and fabric platform helps organizations securely collect, enrich, orchestrate, and optimize enterprise data—including security, application, observability, and IoT/OT telemetry—for analytics, automation, and AI. With native support for over 400 integrations and built-in enrichment capabilities, DataBahn streamlines fragmented data workflows and reduces SIEM and infrastructure costs from day one. The platform requires no specialist training, enabling security and IT teams to extract insights in real time and adapt quickly to new demands. We've helped Fortune 500 and Global 2000 companies reduce data processing costs by over 50% and automate more than 80% of their data engineering workloads.
  • 7
    WZSysGuard

    WZIS Software Pty Ltd

    It runs on Linux, AIX, Solaris, macOS, and FreeBSD, and offers a more reliable FIM function, more effective intrusion detection, and command execution protection against software-based key-stealing attacks. WZSysGuard is a robust UNIX/Linux intrusion detection and file integrity verification software that offers advanced protection for your system. Unlike other tools, it reduces false alarms and ensures complete coverage of security-sensitive files. WZSysGuard uses a SHA 384-bit checksum algorithm to detect file changes, even those made through non-filesystem interfaces, such as during maintenance when the system is booted from a DVD or network. It not only detects critical file changes but also identifies new filesystem mounts, network services, and kernel module loads. With a web-based security trap detection interface, WZSysGuard provides a comprehensive security solution that works with minimal overhead and maximum accuracy.
  • 8
    Libelle BusinessShadow
    With our Libelle BusinessShadow solution for disaster recovery and high availability, you can mirror databases and other application systems with a time delay. Your company is thus protected not only from the consequences of hardware and application errors, but also from the consequences of elemental damage, sabotage, or data loss due to human error. Our patented and dynamically adjustable time funnel temporarily stores the change logs before they are mirrored to the standby system. Switching over to this system in the event of an error or even maintenance can thus be carried out with impressive speed and without any fuss. The time funnel temporarily stores logs before they reach the standby system. You can quickly and easily switch to an error-free state. Your data is up to date and consistent, as it does not have to be laboriously reverted from a backup, but is temporarily stored in the time funnel.
  • 9
    Libelle DataMasking
    Libelle DataMasking (LDM) is a robust, enterprise-grade data masking solution that automates the anonymization of sensitive or personal data—such as names, addresses, dates, emails, IBANs, credit cards—and transforms them into realistic, logically consistent substitutes that maintain referential integrity across SAP and non‑SAP systems, including Oracle, SQL Server, IBM DB2, MySQL, PostgreSQL, SAP HANA, flat files, and cloud databases. Capable of processing up to 200,000 entries per second and supporting parallelized masking for massive datasets, LDM uses a multithreaded architecture to efficiently read, anonymize, and write data back with high performance. It features over 40 built‑in anonymization algorithms—such as number, alphanumeric, date shifting, name, email, IBAN masking, credit card obfuscation, and mapping algorithms—as well as templates for SAP modules (CRM, ERP, FI/CO, HCM, SD, SRM).
  • 10
    Biometric Anti-Fraud (BAF)
    Biometric Anti-Fraud (BAF) is a technology stack for intelligent processing, analysis and recognition of images with an application scenario for remote human identification. Technology stack for online identity verification with NIST FRVT top-ranked face biometrics, advanced liveness detection and user session data monitoring for face authentication and identity fraud prevention in digital onboarding and eKYC services.
  • 11
    Ivanti Endpoint Security for Endpoint Manager
    Ivanti Endpoint Security delivers comprehensive, multi-layered protection in a single solution, eliminating the need for costly, hard-to-manage products from multiple vendors. The platform swiftly detects vulnerabilities in Windows, Mac OS, Linux, and hundreds of third-party applications—including Acrobat Flash/Reader, Java, web browsers, and more—and deploys patches everywhere you need them. Ivanti Endpoint Security also includes advanced endpoint security content, device control and isolation, Ivanti Application Control, media protection, remote device isolation, security diagnostics, and flexible dashboards and reporting. Simplify security management and safeguard your environment with all these powerful tools integrated into one platform.
  • 12
    Altered Security

    Altered Security

    Altered Security offers a hands-on cybersecurity education platform featuring Red Team labs, cyber ranges, bootcamps, and certifications designed for Active Directory, Azure, and enterprise security. Through self-paced on-demand labs and in-person sessions, participants gain access to realistic, fully patched environments along with preconfigured VMs, detailed video courses (11–14+ hours), lab manuals, walk-through videos, and instructor support. Courses such as Certified Red Team Professional (CRTP), Certified Red Team Expert (CRTE), and AD CS Attacks cover topics including enumeration, privilege escalation, Kerberos, certificate-based attacks, lateral movement, hybrid Azure-PHF, and cloud persistence. Labs simulate enterprise networks with multiple domains and forests, guiding learners from non‑admin starts to enterprise admin compromise, and include exam attempts for industry-recognized certifications.
  • 13
    IriCore

    Iritech, Inc.

    IriCore is the next generation of IriTech’s IrisSDK, delivering dramatically improved accuracy and matching speed through a new, compact template format optimized for network transmission and smart‑card storage. It incorporates industry‑leading iris‑recognition algorithms rigorously tested in NIST’s ICE and IREX evaluations and supports modern ISO image formats. IriCore runs seamlessly and reads and writes common industrial image formats such as BMP, JPG, JP2, and PNG. An optional module enables it to detect and adapt to images from either IriTech cameras or third‑party devices, while built‑in compression and decompression capabilities handle both lossy (JPG, JP2) and lossless (PNG) formats. Fully compliant with ISO 19794-6 and pre‑qualified for upcoming standards, including rectilinear, cropped, and ROI‑masked formats, it offers a robust, future‑proof SDK for end‑to‑end iris capture and matching solutions.
  • 14
    IriCoreLite

    Iritech, Inc.

    IriCoreLite is an iris recognition library that provides a comprehensive set of application programming interfaces and functions for developers and system integrators to build iris recognition–based applications. It is specifically designed for large‑scale iris identification deployments on PCs and enterprise systems using IriTech’s iris scanners. The library incorporates highly accurate iris segmentation for feature extraction based on variable multi‑sector analysis and non‑linear segmentation, a robust image enhancer to handle varying illumination levels and obstructions, and a powerful occlusion detection algorithm to remove eyelids and eyelashes. Its fast and accurate matching algorithm is optimized for large databases, while a strong image quality assessment component ensures reliable input. IriCoreLite’s algorithms have been rigorously evaluated in NIST tests and proven across public databases.
  • 15
    IriMaster

    Iritech, Inc.

    IriMaster is IriTech’s state‑of‑the‑art middleware server software providing a complete set of iris recognition functions, including enrollment, verification, identification, and de‑duplication, powered by advanced algorithms. Designed for seamless integration into legacy enterprise infrastructures, it addresses the demands of large‑scale biometric systems such as national ID programs, customs and border control, and access control. As a middleware component, IriMaster supports secure transactions and data exchange using SSL and WS‑Security standards, and ensures device‑level encryption via a PKI‑based security infrastructure. Its Web Service API enables scalable, service‑oriented deployments, supporting clients in Java, .NET, or web applications. The software delivers high availability through application server clustering and hardware redundancy, and scales from single‑PC setups to distributed server networks with load balancers.
  • 16
    Koi

    Koi Security

    Koi is a software supply chain security platform that helps organizations track, govern, and control installations across every endpoint. From browser extensions to IDE plug-ins, CI/CD tools, and AI models, Koi secures the blind spots where attackers often gain entry. Its Wings™ technology goes beyond surface scans by analyzing actual code for secrets, vulnerabilities, and malware while continuously updating risk scores. Koi combines marketplace scanning, publisher reputation intelligence, and dynamic code analysis to deliver real-time visibility and control. With features like automated approvals, preventive policies, and detailed risk reports, teams can block unsafe installs without slowing down adoption of safe tools. By making every install transparent and governable, Koi ensures enterprises can safely harness the full power of their software ecosystem.
  • 17
    Astra API Security Platform
    Astra is a powerful API security platform designed to discover, test, and protect every API across your infrastructure. It continuously scans for over 10,000 vulnerabilities, including the OWASP API Top 10, data leaks, and authorization flaws. With Astra, teams can detect Shadow, Zombie, and Orphan APIs, identify sensitive data exposures, and fix vulnerabilities before attackers exploit them. The platform combines automated scanning with manual penetration testing from certified experts to deliver enterprise-grade protection. Seamless integrations with AWS, GCP, Postman, and CI/CD tools make security part of your DevOps workflow. Trusted by over 1,000 engineering teams, Astra empowers businesses to secure their APIs continuously and confidently.
    Starting Price: $499/month
  • 18
    VeriEye SDK

    Neurotechnology

    VeriEye SDK delivers advanced iris identification for secure stand-alone and client-server biometric applications. Built for developers and system integrators, it offers fast and accurate matching validated through NIST IREX evaluations. Its proprietary algorithm segments & recognises irises in difficult conditions, including partial eyelid obstruction and varied lighting. Adaptive shape modelling ensures precise boundary detection even when iris contours differ from perfect circles or ellipses. Liveness detection protects systems from spoofing attempts using photos or patterned contact lenses, while automatic left and right iris separation streamlines processing. Image quality checks ensure only high-grade templates are stored, supporting dependable 1-to-1 and 1-to-many performance. The SDK runs on Windows, Linux, macOS, iOS and Android, and provides programming support in C/C++, C#, VB .NET, Java and Python, offering a flexible and well-supported platform for modern biometrics.
    Starting Price: €339.00
  • 19
    Mondoo

    Mondoo

    Mondoo is a unified security and compliance platform designed to drastically reduce business-critical vulnerabilities by combining full-stack asset visibility, risk prioritization, and agentic remediation. It builds a complete inventory of every asset, cloud, on-premises, SaaS, endpoints, network devices, and developer pipelines, and continuously assesses configurations, exposures, and interdependencies. It then applies business context (such as asset criticality, exploitability, and policy deviation) to score and highlight the most urgent risks. Users can choose guided remediation (pre-tested code snippets and playbooks) or autonomous remediation via orchestration pipelines, with tracking, ticket creation, and verification built in. Mondoo supports ingestion of third-party findings, integrates with DevSecOps toolchains (CI/CD, IaC, container registries), and includes 300+ compliance frameworks and benchmark templates.
  • 20
    Corma

    Corma

    Corma is a unified license and access governance platform built for modern IT teams. It helps organizations manage software spend, identity access, and security from a single, centralized system. Corma provides full visibility into all SaaS applications, users, and permissions across the IT stack. The platform uses AI-powered agents to automate onboarding, offboarding, and access reviews with zero manual effort. Corma enables least-privilege access enforcement and simplifies compliance with standards like ISO 27001 and SOC 2. It also helps reduce software costs by identifying unused licenses and preventing surprise renewals. With fast setup and automation-first workflows, Corma allows teams to go live in minutes.
  • 21
    nono

    Always Further

    nono is an open source, kernel-enforced sandbox for AI coding agents and LLM workloads. Unlike policy-based guardrails that intercept and filter operations, nono uses OS security primitives — Landlock on Linux and Seatbelt on macOS — to make unauthorised operations structurally impossible at the syscall level. Wrap any AI agent — Claude Code, OpenCode, OpenClaw, or any CLI process — with a single command. nono applies default-deny filesystem access, blocks destructive commands (rm, dd, chmod, sudo), isolates credentials and API keys, and cascades all restrictions to child processes. No escape mechanism exists once restrictions are applied. Built-in profiles get you running in seconds. Secrets inject securely from the system keystore and are zeroised on exit. Audit logging, atomic rollbacks, and Sigstore-attested policy signing are on the roadmap. Apache 2.0. From the creator of Sigstore.
  • 22
    Strike48

    Strike48

    Strike48 is the Agentic Operations Platform combining complete log visibility with customizable AI agents that run security, IT, and compliance operations at machine speed. Most organizations monitor only about 60-70% of their environment because traditional SIEM and observability platforms make full log coverage cost-prohibitive. Strike48 closes that visibility gap with architecture that decouples storage from upfront parsing decisions, letting teams ingest and retain all their logs without breaking budgets. Bring your logs or query them where they already live (Splunk, data lakes, cloud, on-prem), no rip-and-replace required. On top of that unified data layer, Strike48 deploys autonomous AI agents that run investigations, correlate and triage alerts, collect evidence, generate and validate detection rules, and hand work off to each other. A human-in-the-loop model ensures people approve critical actions like endpoint isolation and remediation, with full audit trails.
  • 23
    Scalefusion OneIdP

    Scalefusion OneIdP

    Scalefusion OneIdP is a Zero Trust access solution that brings together Identity & Access Management (IAM), Single Sign-On (SSO), Multi-Factor Authentication (MFA), Conditional Access, Just-In-Time (JIT) admin access, and more into a single platform. It secures every access request by combining identity verification with real-time device posture checks, ensuring only verified users on compliant devices can access critical resources. With centralized user lifecycle management, automated provisioning, and unified policy controls, OneIdP simplifies onboarding, strengthens access governance, and reduces IT overhead, while delivering a consistent, secure login experience across enterprises.
  • 24
    UPX

    UPX Cybersecurity

    UPX (Ultimate Packer for eXecutables) is a high-performance executable compression tool designed to reduce the size of programs and libraries without affecting their functionality or performance. It works by compressing executable files such as EXE, DLL, and other formats across multiple operating systems, including Windows, Linux, and macOS, typically reducing file sizes by 50% to 70%, which helps decrease disk usage, download times, and network load. The compressed executables remain fully self-contained and run exactly as before, as they automatically decompress at runtime without requiring additional dependencies or noticeable memory overhead. UPX uses efficient lossless compression algorithms and supports in-place decompression, allowing programs to execute directly from memory while preserving speed and behavior. It is designed to be secure and transparent, as its open-source nature allows antivirus and security tools to inspect compressed files without obstruction.
  • 25
    Aster Mail

    Aster Mail

    Aster Mail is a free, open-source, end-to-end encrypted email service for people who want real privacy without the technical overhead. All encryption happens on your device before anything reaches our servers, so we have zero access to your messages or metadata. Aster uses standard OpenPGP with portable RSA-4096 keys, so you're never locked in. Your keys work with GPG, Thunderbird, or any PGP client, and they're discoverable through WKD and public keyservers. Aster-to-Aster messages use a Signal-inspired X3DH and Double Ratchet protocol for forward secrecy. Every plan includes encrypted email, custom domain support, free aliases, tracker protection, and full access across web and desktop. The entire codebase is published under AGPL v3 on GitHub, fully auditable, with a public warrant canary and documented vulnerability disclosure. Free plan includes 10 GB encrypted storage, 5 aliases, and 1 custom domain. Paid plans start at $2.99/month. Servers located in Germany.
  • 26
    Matters.AI

    Matters.AI

    Matters.AI is the first AI Security Engineer for Data, built for the AI and data layer to autonomously see, understand, and resolve data misuse before the SOC opens a ticket. It protects what truly matters wherever data lives or travels, functioning like an AI security engineer that understands context, monitors behavior, and protects sensitive data autonomously across cloud, SaaS, endpoints, microservices, and AI pipelines. Matters is built on semantic intelligence, nearest neighbor search, data lineage modeling, and predictive behavior analysis, so it does not just detect threats; it understands context, anticipates risk, and takes action proactively. Instead of relying on static rules, regexes, dashboards, and noisy alerts, Matters reads between the lines, traces risk in motion, and never sleeps. It identifies sensitive data not just by how it looks, but by what it represents, tracking data across cloud, SaaS, endpoints, and beyond using fingerprinting and eBPF.
  • 27
    Pillar Security

    Pillar Security

    Pillar Security is a unified AI security platform for securing the agentic workforce across the entire AI lifecycle, from development to deployment and runtime protection. It connects business context across discovery, testing, and protection so security intelligence compounds across AI applications, agents, models, prompts, frameworks, tools, MCP servers, skills, coding agents, SaaS, cloud, code, and endpoints. Pillar helps organizations discover and manage AI assets everywhere, including shadow AI and unapproved systems, assess supply chain and posture risks, map agentic attack surfaces, and validate the vulnerabilities that actually matter. Its AI Security Posture Management capabilities analyze connected agents, tools, permissions, data sources, prompts, models, and supply chain components to expose risky paths, policy violations, misconfigurations, coding agent risks, and blast radius when a single component is compromised.
  • 28
    AI Security Guard

    AI Security Guard

    AI Security Guard is a multi-faceted platform for securing autonomous AI, combining a protection SDK, product tooling, education, and original research on the agentic future.
    - Protection SDK: Integration-friendly API wrapper designed to shield AI agents from jailbreaks, prompt injection, and other harmful content before it reaches your models.
    - AgentGuard360: Built on the API: Intercepts AI traffic in real time before malicious content reaches your agents. Two-tier content scanning, supply chain protection, and device hardening in one tool. Privacy-first: Content stays local unless you request premium analysis.
    - Research: Original analysis on the autonomous AI future and the security, privacy, and safety issues that follow, including reports like Shipping the Future.
  • 29
    Snow Software

    Snow Software

    We have brought together software asset management, cloud management and SaaS management so you can fully optimize all of your technology in one platform that seamlessly integrates with your enterprise ecosystem. Clearly see, understand and manage your entire technology landscape, both on-prem and in the cloud. Maximize the value of your technology investments with deep insights into usage, spend and vulnerabilities. Get the perspective and automation you need to anticipate and align with the rapidly evolving needs of your business. Fast implementation and intuitive design mean you are saving money in weeks, not months. Break down your data silos to see on-prem, hybrid and cloud technologies together. Get clean and augmented data, updated daily and powered by the world's largest discovery catalog. Recommendations and self-service drive value, save time and increase productivity.
  • 30
    OX Guard

    Open-Xchange

    Security and data privacy are growing concerns. Today, both business users and consumers demand more privacy, without adding complexity to their daily tasks. OX Guard was designed specifically with this in mind. This PGP-based security add-on for OX App Suite integrates seamlessly into our existing email app, letting users encrypt and decrypt emails and files easily. There is a growing demand for privacy from users, while at the same time, they are concerned about increased complexity and reduced usability. OX Guard was designed to satisfy these concerns. An easy-to-use wizard lets users set up OX Guard quickly, with no additional security know-how. After setup, users are able to encrypt and decrypt emails and files with just one click, integrating security seamlessly into day-to-day user workflows.