Best IT Security Software for Linux - Page 22
View:
Compare the Top IT Security Software for Linux as of December 2025 - Page 22
Sort By:
-
1
IBM Hyper Protect Virtual Servers take advantage of IBM Secure Execution for Linux. It provides a confidential computing environment to protect sensitive data running in virtual servers and container runtimes by performing computation in a hardware-based, trusted execution environment (TEE). It is available on-premise as well as a managed offering in IBM Cloud. Securely build, deploy, and manage mission-critical applications for the hybrid multi-cloud with confidential computing on IBM Z and LinuxONE. Equip your developers with the capability to securely build their applications in a trusted environment with integrity. Enable admins to validate that applications originate from a trusted source via their own auditing processes. Give operations the ability to manage without accessing applications or their sensitive data. Protect your digital assets on a security-rich, tamper-proof Linux-based platform.
-
2
MINDely
MIND
MIND is the first-ever data security platform that puts data loss prevention (DLP) and insider risk management (IRM) programs on autopilot, so you can automatically identify, detect, and prevent data leaks at machine speed. Continuously find your sensitive data in files spread across your IT environments whether at rest, in motion, or in use. MIND continuously exposes blindspots of sensitive data across your IT environments including SaaS, AI apps, endpoints, on-premise file shares, and emails. MIND monitors and analyzes billions of data security events in real time, enriches each incident with context, and remediates autonomously. MIND automatically blocks sensitive data in real-time from escaping your control, or collaborates with users to remediate risks and educate on your policies. MIND continuously exposes blindspots of sensitive data at rest, in motion, and in use by integrating with data sources across your IT workloads, e.g. SaaS, AI apps, on-premises, endpoints, and emails. -
3
Sysgem Logfile Concentrator
Sysgem
Sysgem's Logfile Concentrator is a comprehensive Windows-based tool designed to integrate streams of log file data from multiple sources into a single centralized location. It collects log data from remote multi-platform servers and end devices, storing them in a central database for analysis and regulatory-compliant archiving. Key features include automated archiving and reporting, customizable record displays, advanced querying, audit trail, and compliance management, as well as intelligent alarms and real-time alerts. The platform offers a user-customizable display for real-time record monitoring and provides a full web browser interface for remote access. Additionally, it supports common ODBC databases such as MS SQL, Oracle, and MS Access. As part of the Sysgem product family, Logfile Concentrator can function as a standalone solution or complement the Sysgem Enterprise Manager (SEM). -
4
alphaMountain Threat Intelligence APIs and Feeds
alphaMountain AI
alphaMountain’s domain and IP threat intelligence powers many of the world’s leading cybersecurity solutions. High-fidelity threat feeds are updated hourly with fresh URL classification, threat ratings and actionable intelligence on over 2 billion hosts including domains and IP addresses. KEY BENEFITS: Get high-fidelity URL classification and threat ratings for any URL from 1.00 to 10.0. Receive fresh categorization and threat ratings updated every hour, syndicated via API or threat feed. See threat factors and other intelligence contributing to threat verdicts. USE CASES: Use threat feeds in your network security products such as secure web gateway, secure email gateway or next-generation firewall. Call the alphaMountain API from your SIEM to investigate threats or from your SOAR to automate responses such as blocking and policy updates. Detect if a URL is suspicious, contains malware, is a phishing site and which of 89 content categories the site belongs to.Starting Price: $300/month -
5
Orchid Security
Orchid Security
Orchid Security utilizes a passive listening service to continuously discover self-hosted applications (those that you manage/maintain) and SaaS applications (developed and maintained by others), providing you with a comprehensive inventory of your enterprise applications, along with their key identity characteristics (e.g. MFA enforcement, rogue or orphaned accounts, RBAC privilege data). Orchid Security leverages advanced AI analytics to automatically assess the identity technologies, protocols, and native authentication/ authorization flows for each application. Identity controls are compared against privacy regulations, cyber security frameworks, and identity best practices (e.g. PCI DSS, HIPAA, SOX, GDPR, CMMC, NIST CSF, ISO 27001, SOC2) to detect potential exposure in cyber security posture and compliance coverage. Orchid Security goes beyond providing visibility into weaknesses, to enable organizations with quick and effective remediation of those weaknesses without recoding. -
6
1Password Extended Access Management (XAM) is a security solution designed to safeguard every login across applications and devices, making it ideal for hybrid work environments. It combines user identity verification, device trust assessments, enterprise password management, and application insights to ensure that only authorized users on secure devices can access both approved and unapproved applications. By providing IT and security teams with visibility into app usage, including shadow IT, XAM enables organizations to enforce contextual access policies based on real-time risk signals like device compliance and credential integrity. With its zero-trust approach, XAM helps businesses move beyond traditional identity management, strengthening security in today’s SaaS-driven workplace.
-
7
Keep Aware
Keep Aware
Keep Aware is an enterprise browser security platform designed to provide comprehensive protection against browser-based threats without disrupting user workflows. By integrating directly into existing browsers such as Chrome, Edge, and Firefox, it offers real-time visibility and control over browser activities, enabling security teams to monitor page visits, extension events, and data transfers. The platform features advanced threat prevention capabilities, including blocking zero-day phishing attempts, malware, and identity attacks through real-time detection and prevention mechanisms. Keep Aware also offers out-of-the-box security profiles for immediate deployment, allowing organizations to enforce web policies and prevent data leaks effectively. Its lightweight architecture ensures minimal impact on system performance, and centralized management provides unified security controls across all browsers within the organization. -
8
DataBahn
DataBahn
DataBahn.ai is redefining how enterprises manage the explosion of security and operational data in the AI era. Our AI-powered data pipeline and fabric platform helps organizations securely collect, enrich, orchestrate, and optimize enterprise data—including security, application, observability, and IoT/OT telemetry—for analytics, automation, and AI. With native support for over 400 integrations and built-in enrichment capabilities, DataBahn streamlines fragmented data workflows and reduces SIEM and infrastructure costs from day one. The platform requires no specialist training, enabling security and IT teams to extract insights in real time and adapt quickly to new demands. We've helped Fortune 500 and Global 2000 companies reduce data processing costs by over 50% and automate more than 80% of their data engineering workloads. -
9
WZSysGuard
WZIS Software Pty Ltd
It's for Linux/AIX/Solaris/MacOS/FreeBSD, has the more reliable FIM function, and more effective Intrusion Detection, plus commands execution protection against software-based key-stealing attacks. WZSysGuard is a robust UNIX/Linux intrusion detection and file integrity verification software that offers advanced protection for your system. Unlike other tools, it reduces false alarms and ensures complete coverage of security-sensitive files. WZSysGuard uses a SHA 384-bit checksum algorithm to detect file changes, even those made through non-filesystem interfaces, such as during maintenance when the system is booted from a DVD or network. It not only detects critical file changes but also identifies new filesystem mounts, network services, and kernel module loads. With a web-based security trap detection interface, WZSysGuard provides a comprehensive security solution that works with minimal overhead and maximum accuracy. -
10
Libelle BusinessShadow
Libelle
With our Libelle BusinessShadow solution for disaster recovery and high availability, you can mirror databases and other application systems with a time delay. Your company is thus protected not only from the consequences of hardware and application errors, but also from the consequences of elemental damage, sabotage, or data loss due to human error. Our patented and dynamically adjustable time funnel temporarily stores the change logs before they are mirrored to the standby system. Switching over to this system in the event of an error or even maintenance can thus be carried out with impressive speed and without any fuss. The time funnel temporarily stores logs before they reach the standby system. You can quickly and easily switch to an error-free state. Your data is up to date and consistent, as it does not have to be laboriously reverted from a backup, but is temporarily stored in the time funnel. -
11
Libelle DataMasking
Libelle
Libelle DataMasking (LDM) is a robust, enterprise-grade data masking solution that automates the anonymization of sensitive or personal data—such as names, addresses, dates, emails, IBANs, credit cards—and transforms them into realistic, logically consistent substitutes that maintain referential integrity across SAP and non‑SAP systems, including Oracle, SQL Server, IBM DB2, MySQL, PostgreSQL, SAP HANA, flat files, and cloud databases. Capable of processing up to 200,000 entries per second and supporting parallelized masking for massive datasets, LDM uses a multithreaded architecture to efficiently read, anonymize, and write data back with high performance. It features over 40 built‑in anonymization algorithms—such as number, alphanumeric, date shifting, name, email, IBAN masking, credit card obfuscation, and mapping algorithms—as well as templates for SAP modules (CRM, ERP, FI/CO, HCM, SD, SRM). -
12
Biometric Anti-Fraud (BAF) is a technology stack for intelligent processing, analysis and recognition of images with an application scenario for remote human identification. Technology stack for online identity verification with NIST FRVT top-ranked face biometrics, advanced liveness detection and user session data monitoring for face authentication and identity fraud prevention in digital onboarding and eKYC services.
-
13
Endpoint Security for Endpoint Manager delivers powerful, integrated endpoint protection and unified management from within the familiar Ivanti console. It combines passive visibility, discovering and inventorying every IP-enabled device and installed software in real time, including rogue devices, with active control features such as application whitelisting, device control (USB/media lockdown and detailed copy logs) and antivirus orchestration (Ivanti AV or third-party engines) to detect and prevent threats before they spread. Automated patch management covers Windows, macOS, Linux, and third-party applications across on-site, remote, and offline devices, ensuring systems stay up to date without impacting users. When malware or ransomware does get through, the solution’s auto-isolation and remote-control capabilities contain infections instantly, kill malicious processes, notify connected machines, and remediate or reimage compromised endpoints.
-
14
Altered Security
Altered Security
Altered Security offers a hands-on cybersecurity education platform featuring Red Team labs, cyber ranges, bootcamps, and certifications designed for Active Directory, Azure, and enterprise security. Through self-paced on-demand labs and in-person sessions, participants gain access to realistic, fully patched environments along with preconfigured VMs, detailed video courses (11–14+ hours), lab manuals, walk-through videos, and instructor support. Courses such as Certified Red Team Professional (CRTP), Certified Red Team Expert (CRTE), and AD CS Attacks cover topics including enumeration, privilege escalation, Kerberos, certificate-based attacks, lateral movement, hybrid Azure-PHF, and cloud persistence. Labs simulate enterprise networks with multiple domains and forests, guiding learners from non‑admin starts to enterprise admin compromise, and include exam attempts for industry-recognized certifications. -
15
IriCore
Iritech, Inc.
IriCore is the next generation of IriTech’s IrisSDK, delivering dramatically improved accuracy and matching speed through a new, compact template format optimized for network transmission and smart‑card storage. It incorporates industry‑leading iris‑recognition algorithms rigorously tested in NIST’s ICE and IREX evaluations and supports modern ISO image formats. IriCore runs seamlessly and reads and writes common industrial image formats such as BMP, JPG, JP2, and PNG. An optional module enables it to detect and adapt to images from either IriTech cameras or third‑party devices, while built‑in compression and decompression capabilities handle both lossy (JPG, JP2) and lossless (PNG) formats. Fully compliant with ISO 19794-6 and pre‑qualified for upcoming standards, including rectilinear, cropped, and ROI‑masked formats, it offers a robust, future‑proof SDK for end‑to‑end iris capture and matching solutions. -
16
IriCoreLite
Iritech, Inc.
IriCoreLite is an iris recognition library that provides a comprehensive set of application programming interfaces and functions for developers and system integrators to build iris recognition–based applications. It is specifically designed for large‑scale iris identification deployments on PCs and enterprise systems using IriTech’s iris scanners. The library incorporates highly accurate iris segmentation for feature extraction based on variable multi‑sector analysis and non‑linear segmentation, a robust image enhancer to handle varying illumination levels and obstructions, and a powerful occlusion detection algorithm to remove eyelids and eyelashes. Its fast and accurate matching algorithm is optimized for large databases, while a strong image quality assessment component ensures reliable input. IriCoreLite’s algorithms have been rigorously evaluated in NIST tests and proven across public databases. -
17
IriMaster
Iritech, Inc.
IriMaster is IriTech’s state‑of‑the‑art middleware server software providing a complete set of iris recognition functions, including enrollment, verification, identification, and de‑duplication, powered by advanced algorithms. Designed for seamless integration into legacy enterprise infrastructures, it addresses the demands of large‑scale biometric systems such as national ID programs, customs and border control, and access control. As a middleware component, IriMaster supports secure transactions and data exchange using SSL and WS‑Security standards, and ensures device‑level encryption via a PKI‑based security infrastructure. Its Web Service API enables scalable, service‑oriented deployments, supporting clients in Java, .NET, or web applications. The software delivers high availability through application server clustering and hardware redundancy, and scales from single‑PC setups to distributed server networks with load balancers. -
18
Koi
Koi Security
Koi is a software supply chain security platform that helps organizations track, govern, and control installations across every endpoint. From browser extensions to IDE plug-ins, CI/CD tools, and AI models, Koi secures the blind spots where attackers often gain entry. Its Wings™ technology goes beyond surface scans by analyzing actual code for secrets, vulnerabilities, and malware while continuously updating risk scores. Koi combines marketplace scanning, publisher reputation intelligence, and dynamic code analysis to deliver real-time visibility and control. With features like automated approvals, preventive policies, and detailed risk reports, teams can block unsafe installs without slowing down adoption of safe tools. By making every install transparent and governable, Koi ensures enterprises can safely harness the full power of their software ecosystem. -
19
Astra API Security Platform
Astra Security
Astra is a powerful API security platform designed to discover, test, and protect every API across your infrastructure. It continuously scans for over 10,000 vulnerabilities, including the OWASP API Top 10, data leaks, and authorization flaws. With Astra, teams can detect Shadow, Zombie, and Orphan APIs, identify sensitive data exposures, and fix vulnerabilities before attackers exploit them. The platform combines automated scanning with manual penetration testing from certified experts to deliver enterprise-grade protection. Seamless integrations with AWS, GCP, Postman, and CI/CD tools make security part of your DevOps workflow. Trusted by over 1,000 engineering teams, Astra empowers businesses to secure their APIs continuously and confidently.Starting Price: $499/month -
20
VeriEye SDK
Neurotechnology
VeriEye SDK delivers advanced iris identification for secure stand-alone and client-server biometric applications. Built for developers and system integrators, it offers fast and accurate matching validated through NIST IREX evaluations. Its proprietary algorithm segments & recognises irises in difficult conditions, including partial eyelid obstruction and varied lighting. Adaptive shape modelling ensures precise boundary detection even when iris contours differ from perfect circles or ellipses. Liveness detection protects systems from spoofing attempts using photos or patterned contact lenses, while automatic left and right iris separation streamlines processing. Image quality checks ensure only high-grade templates are stored, supporting dependable 1-to-1 and 1-to-many performance. The SDK runs on Windows, Linux, macOS, iOS and Android, and provides programming support in C/C++, C#, VB .NET, Java and Python, offering a flexible and well-supported platform for modern biometrics.Starting Price: €339.00 -
21
Mondoo
Mondoo
Mondoo is a unified security and compliance platform designed to drastically reduce business-critical vulnerabilities by combining full-stack asset visibility, risk prioritization, and agentic remediation. It builds a complete inventory of every asset, cloud, on-premises, SaaS, endpoints, network devices, and developer pipelines, and continuously assesses configurations, exposures, and interdependencies. It then applies business context (such as asset criticality, exploitability, and policy deviation) to score and highlight the most urgent risks. Users can choose guided remediation (pre-tested code snippets and playbooks) or autonomous remediation via orchestration pipelines, with tracking, ticket creation, and verification built in. Mondoo supports ingestion of third-party findings, integrates with DevSecOps toolchains (CI/CD, IaC, container registries), and includes 300 + compliance frameworks and benchmark templates. -
22
Snow Software
Snow Software
We have brought together software asset management, cloud management and SaaS management so you can fully optimize all of your technology in one platform that seamlessly integrates with your enterprise ecosystem. Clearly see, understand and manage your entire technology landscape, both on-prem and in the cloud. Maximize the value of your technology investments with deep insights into usage, spend and vulnerabilities. Get the perspective and automation you need to anticipate and align with the rapidly evolving needs of your business. Fast implementation and intuitive design means you are saving money in weeks, not months. Break down your data silos to see on-prem, hybrid and cloud technologies together. Get clean and augmented data, updated daily and powered by the world's largest discovery catalog. Recommendations and self-service drive value, save time and increase productivity. -
23
OX Guard
Open-Xchange
Security and data privacy is a growing concern. Today, both business users and consumers demand more privacy, without adding complexity to their daily tasks. OX Guard was designed specifically with this in mind. This PGP based security add-on for OX App Suite, integrates seamlessly into our existing email app, letting users encrypt and decrypt emails and files easily. There is a growing demand for privacy from users, while at the same time, they are concerned about increased complexity and reduced usability. OX Guard was designed to satisfy these concerns. An easy to use wizard lets users set up OX Guard quickly, with no additional security know-how. After set up users are able to encrypt and decrypt emails and files with just one click, integrating security seamlessly into day-to-day user workflows. -
24
Siwenoid
Siwena
SIWENOID is a JAVA application and runs under Windows, Linux or Mac OS X. It is flexible, reliable, user, and engineer friendly. SIWENOID can integrate many types of subsystems and unify the operation of all. Supports SIEMENS, Bosch, Dahua, Texecom, Paradox systems and many more. Control everything on one (or more) screen with a unified user interface for every subsystem. Siwenoid is built on open-source foundations to keep the cost of the product lower. To keep up with the constant firmware updates of the compatible systems we rely on flexibility. Main goal of the software is to minimize the latency on interconnecting and handling different protocols. Siwenoid can be configured in operation while the subsystems are working. SIWENOID is an OS-independent JAVA application. It is a flexible, reliable, user- and engineer-friendly, scalable, and cost-effective solution. -
25
Eddie
Eddie
Eddie is a high availability clustering tool. It is an open source, 100% software solution written primarily in the functional programming language Erlang (www.erlang.org) and is available for Solaris, Linux and *BSD. At each site, certain servers are designated as Front End Servers. These servers are responsible for controlling and distributing incoming traffic across designated Back End Servers, and tracking the availability of Back End Web Servers within the site. Back End Servers may support a range of Web servers, including Apache. The Enhanced DNS server which provides load balancing and monitoring of site accessibility for geographically distributed web sites. This gives round the clock access to the entire available capacity of the web site, no matter where it is located." The Eddie white papers describe the need for products such as Eddie, and outlines the Eddie approach. -
26
Clari5
Clari5 (CustomerXPs)
Category leaders for Enterprise Fraud Risk Management Systems and Anti-Money Laundering Systems, winner of premier global acclaim for product innovation and featured consistently in global risktech and regtech top 100 rankings, Clari5 redefines real-time, cross-channel Financial Crime Risk Management using a 'central nervous system' approach to help banks combat financial crime. Clari5 uses a ‘human brain like’ approach by synthesizing enterprise-wide intelligence and delivering precise contextual insights in extreme real-time, within the short transaction window, for necessary interventions. Clari5 is a bolt-on system, requires no replacement and features a compact implementation cycle with extremely quick ROI. Harnessing the combined power of Automation, AI, ML, Decision Sciences & Real-time Decisions, Clari5 is today processing over 10 bn transactions and is managing over 500 mn accounts. Marquee banks in 15 countries trust Clari5 to power their fraud risk management strategy. With -
27
RollBack Rx Server
Horizon Datasys
RollBack Rx Server Edition is a robust Windows Server backup and restores utility that enables IT, professionals, an instant backup capability that can quickly restore mission-critical systems back to any number of multiple restore points with unrivaled speeds. RollBack Rx Server Edition makes it quick and easy to safely sandbox updates and service patches with a failsafe approach to system recovery. RollBack Rx Server Edition offers unrivaled background protection and real-time recovery speeds. This allows you to store a locally backed-up sector-map repository of complete multiple instances (or “snapshots”) of the server state. These snapshots can be scheduled to occur at intervals you specify — as frequently as every minute — and can number many thousands. This continual snapshot-taking can be set to occur in the background with no perceptible impact on day-to-day server response times. -
28
Red Hat Virtualization
Red Hat
Red Hat® Virtualization is an enterprise virtualization platform that supports key virtualization workloads including resource-intensive and critical applications, built on Red Hat Enterprise Linux® and KVM and fully supported by Red Hat. Virtualize your resources, processes, and applications with a stable foundation for a cloud-native and containerized future. Automate, manage, and modernize your virtualization workloads. Whether automating daily operations or managing your VMs in Red Hat OpenShift, Red Hat Virtualization uses the Linux® skills your team knows and will build upon for future business needs. Built on an ecosystem of platform and partner solutions and integrated with Red Hat Enterprise Linux, Red Hat Ansible Automation Platform, Red Hat OpenStack® Platform, and Red Hat OpenShift to improve overall IT productivity and drive a higher return on investment. -
29
Digital.ai Application Protection
Digital.ai
Our proprietary protection capabilities shield apps from reverse engineering, tampering, API exploits, and other attacks that can put your business, your customers, and your bottom line at risk. Obfuscates source code, inserts honeypots, and implements other deceptive code patterns to deter and confuse threat actors. Triggers defensive measures automatically if suspicious activity is detected, including app shutdown, user sandbox, or code self-repair. Injects essential app code protections and threat detection sensors into CI/CD cycle after code development, without disrupting the DevOps process. Encrypts static or dynamic keys and data embedded or contained within app code. Protects sensitive data at rest within an app or in transit between the app and server. Supports all major cryptographic algorithms and modes with FIPS 140-2 certification. -
30
OSE
Open Seas
Once hacked, compromised organizations face huge barriers to rebuilding customer trust and brand reputation. OSE detects & alerts to attacks on your critical systems as they occur so you can stop them before damage is done to your organization's IP, brand and reputation with the ensuing loss of customer trust. OSE provides an audit of an attack listing what was changed, what it was before making it quick to resolve. OSE reporting helps with ISO 27000 compliance. OSE (Operating system Security Enforcer) implements your defined Security Policy which can either be an out of the box OSE standard or your personalized version. Rolling-out & apply the security policy on all Unix, Linux & Windows corporate servers. The Autonomous OSE Agent is permanently located on a Unix/Linux server. It is persistent, even in case of network failure. It can also group a set of servers monitored by OSE Agents.
