Page 21 | Best IT Security Software for Linux of 2025

Swif

Swif is the ultimate AI-powered MDM platform, seamlessly managing your macOS, Windows, and Linux devices. Ensure compliance with SOC 2, HIPAA, and ISO 27001 standards while automating your onboarding and offboarding processes.

View Software

Datto EDR

Datto, a Kaseya company

With Datto Endpoint Detection and Response (EDR) you can detect and respond to advanced threats. Datto EDR is an easy-to-use cloud-based EDR solution that’s designed for your business. Datto EDR is independently verified and proven as a leader against malware and advanced threats. Miercom, a global leader in cybersecurity testing, found that Datto EDR detects and stops 99.62% of all malware when combined with Datto AV. With new threats being developed and released into the wild every day, rest assured knowing that even the most advanced threats are caught by Datto EDR. You don’t have to be a security expert to get security expertise. Datto EDR smart recommendations eliminate alert fatigue, while the correlation engine reduces unnecessary noise. Empowering you to focus on what matters most. Seamless integration with Datto RMM allows one-click EDR deployment, alert response, device isolation, and dashboard access.

View Software

SAMI

NorthWest Protection Services

SAMI uses real-time data and threat intelligence to provide tailored insights that help businesses identify and mitigate security risks. With continuous monitoring, the platform helps companies stay ahead of evolving threats, ensures compliance, and minimizes the risk of data breaches. It empowers employees with the knowledge and tools to protect sensitive information, making it a vital part of a robust cybersecurity strategy.

View Software

Edera

Introducing secure-by-design AI and Kubernetes no matter where you run your infrastructure. Eliminate container escapes and put a security boundary around Kubernetes workloads. Simplify running AI/ML workloads through enhanced GPU device virtualization, driver isolation, and vGPUs. Edera Krata begins a new paradigm of isolation technology, ushering in a new era of security. Edera brings a new era of AI & GPU security and performance, while also integrating seamlessly with Kubernetes. Each container receives its own Linux kernel, eliminating a shared kernel state between containers. Which means goodbye container escapes, costly security tool layering, and long days doom scrolling logs.‍ Run Edera Protect with just a couple lines of YAML and you’re off to the races. It’s written in Rust for enhanced memory safety and has no performance impact. A secure-by-design Kubernetes solution that stops attackers in their tracks.

View Software

Oneleet

We help companies build trust by creating real-world security controls, and then attesting to those controls with a SOC 2 report. Oneleet is a full-stack cybersecurity platform that makes effective cybersecurity easy and painless. We help businesses stay secure so that they can focus on providing value to their customers. We'll start by doing a scoping call to learn about your infrastructure, security concerns, & compliance needs. Then we'll build you out a custom security program that is stage-appropriate. We'll perform your penetration test with highly qualified OSCE-certified or OSWE-certified testers, only around 1,000 of whom exist worldwide. Finally, we'll take you through the SOC 2 auditing process with a 3rd party CPA. Oneleet has everything you need to become compliant and secure in one place. Having all tools under one roof makes the compliance journey smooth and seamless.

View Software

V:M Secure for z/VM

Broadcom

A comprehensive security and directory management system for z/VM. It’s designed to help you minimize risk by establishing rigid safeguards and controlling access to z/VM and Linux on System z guest resources. V:M Secure for z/VM helps prevent inadvertent security exposures by automatically maintaining synchronization between the z/VM user directory and your security rules. It helps make it easier to enforce IT-wide security practices automatically, identify security offenders, and produce complete security reports and audit listings. Control over access to all system resources. Delegation of disk space management and automated direct access storage device (DASD) relocation. Minimize security risk of z/VM environment by enforcing rigid safeguards. Provide flexible access to z/VM resources and Linux on System z guests. Simplify management across disparate IT exposure points ranging from user access to resource, data, and system audit assets.

View Software

MetaDefender Kiosk

OPSWAT

The OPSWAT MetaDefender Kiosk Tower is our largest Kiosk capable of scanning the broadest range of media types. The MetaDefender Kiosk Tower is built with an industrial touchscreen and strong metal enclosure. OPSWAT’s proven, globally trusted, and award-winning technology prevents removable and peripheral media-borne threats from entering critical IT and OT environments. MetaDefender Kiosk scans incoming removable media before it enters your network. It identifies malicious content and sanitizes it prior to use. MetaDefender provides access to real-time OT data and enables secure data transfer to OT environments while defending the OT environment from network-borne threats. Enables users to transfer large files automatically, implement data-at-rest encryption, provide role-based access, and ensure regulatory compliance and audit trails. Provides a second layer of defense against threats by blocking access to USB drives and other media devices until security conditions are met.

View Software

IBM Z Multi-Factor Authentication

IBM

Mainframe systems are the foundation of trusted digital experiences for most of the world’s largest companies and organizations. However, passwords protecting critical users, data, and applications are a relatively simple point of attack for hackers to exploit because the passwords rely on user education and compliance for both implementation and control. By using a variety of methods, such as social engineering and phishing, criminals have exploited employees, partners, and general users to hack into even the most secure platforms. IBM Z MFA raises the level of assurance of your mission-critical systems with expanded authentication capabilities and options for a comprehensive, user-centered strategy that helps mitigate the risk of compromised passwords and system hacks. Our designers are also IBM Z MFA users. Across every new version, we incorporate their growing knowledge and expertise in real-world mainframe security scenarios.

View Software

IBM Hyper Protect Virtual Servers

IBM

IBM Hyper Protect Virtual Servers take advantage of IBM Secure Execution for Linux. It provides a confidential computing environment to protect sensitive data running in virtual servers and container runtimes by performing computation in a hardware-based, trusted execution environment (TEE). It is available on-premise as well as a managed offering in IBM Cloud. Securely build, deploy, and manage mission-critical applications for the hybrid multi-cloud with confidential computing on IBM Z and LinuxONE. Equip your developers with the capability to securely build their applications in a trusted environment with integrity. Enable admins to validate that applications originate from a trusted source via their own auditing processes. Give operations the ability to manage without accessing applications or their sensitive data. Protect your digital assets on a security-rich, tamper-proof Linux-based platform.

View Software

MINDely

MIND

MIND is the first-ever data security platform that puts data loss prevention (DLP) and insider risk management (IRM) programs on autopilot, so you can automatically identify, detect, and prevent data leaks at machine speed. Continuously find your sensitive data in files spread across your IT environments whether at rest, in motion, or in use. MIND continuously exposes blindspots of sensitive data across your IT environments including SaaS, AI apps, endpoints, on-premise file shares, and emails. MIND monitors and analyzes billions of data security events in real time, enriches each incident with context, and remediates autonomously. MIND automatically blocks sensitive data in real-time from escaping your control, or collaborates with users to remediate risks and educate on your policies. MIND continuously exposes blindspots of sensitive data at rest, in motion, and in use by integrating with data sources across your IT workloads, e.g. SaaS, AI apps, on-premises, endpoints, and emails.

View Software

Sysgem Logfile Concentrator

Sysgem

Sysgem's Logfile Concentrator is a comprehensive Windows-based tool designed to integrate streams of log file data from multiple sources into a single centralized location. It collects log data from remote multi-platform servers and end devices, storing them in a central database for analysis and regulatory-compliant archiving. Key features include automated archiving and reporting, customizable record displays, advanced querying, audit trail, and compliance management, as well as intelligent alarms and real-time alerts. The platform offers a user-customizable display for real-time record monitoring and provides a full web browser interface for remote access. Additionally, it supports common ODBC databases such as MS SQL, Oracle, and MS Access. As part of the Sysgem product family, Logfile Concentrator can function as a standalone solution or complement the Sysgem Enterprise Manager (SEM).

View Software

alphaMountain Threat Intelligence APIs and Feeds

alphaMountain AI

alphaMountain’s domain and IP threat intelligence powers many of the world’s leading cybersecurity solutions. High-fidelity threat feeds are updated hourly with fresh URL classification, threat ratings and actionable intelligence on over 2 billion hosts including domains and IP addresses. KEY BENEFITS: Get high-fidelity URL classification and threat ratings for any URL from 1.00 to 10.0. Receive fresh categorization and threat ratings updated every hour, syndicated via API or threat feed. See threat factors and other intelligence contributing to threat verdicts. USE CASES: Use threat feeds in your network security products such as secure web gateway, secure email gateway or next-generation firewall. Call the alphaMountain API from your SIEM to investigate threats or from your SOAR to automate responses such as blocking and policy updates. Detect if a URL is suspicious, contains malware, is a phishing site and which of 89 content categories the site belongs to.

Starting Price: $300/month

View Software

Orchid Security

Orchid Security utilizes a passive listening service to continuously discover self-hosted applications (those that you manage/maintain) and SaaS applications (developed and maintained by others), providing you with a comprehensive inventory of your enterprise applications, along with their key identity characteristics (e.g. MFA enforcement, rogue or orphaned accounts, RBAC privilege data). Orchid Security leverages advanced AI analytics to automatically assess the identity technologies, protocols, and native authentication/ authorization flows for each application. Identity controls are compared against privacy regulations, cyber security frameworks, and identity best practices (e.g. PCI DSS, HIPAA, SOX, GDPR, CMMC, NIST CSF, ISO 27001, SOC2) to detect potential exposure in cyber security posture and compliance coverage. Orchid Security goes beyond providing visibility into weaknesses, to enable organizations with quick and effective remediation of those weaknesses without recoding.

View Software

1Password Extended Access Management (XAM)

1Password

1Password Extended Access Management (XAM) is a security solution designed to safeguard every login across applications and devices, making it ideal for hybrid work environments. It combines user identity verification, device trust assessments, enterprise password management, and application insights to ensure that only authorized users on secure devices can access both approved and unapproved applications. By providing IT and security teams with visibility into app usage, including shadow IT, XAM enables organizations to enforce contextual access policies based on real-time risk signals like device compliance and credential integrity. With its zero-trust approach, XAM helps businesses move beyond traditional identity management, strengthening security in today’s SaaS-driven workplace.

View Software

Keep Aware

Keep Aware is an enterprise browser security platform designed to provide comprehensive protection against browser-based threats without disrupting user workflows. By integrating directly into existing browsers such as Chrome, Edge, and Firefox, it offers real-time visibility and control over browser activities, enabling security teams to monitor page visits, extension events, and data transfers. The platform features advanced threat prevention capabilities, including blocking zero-day phishing attempts, malware, and identity attacks through real-time detection and prevention mechanisms. Keep Aware also offers out-of-the-box security profiles for immediate deployment, allowing organizations to enforce web policies and prevent data leaks effectively. Its lightweight architecture ensures minimal impact on system performance, and centralized management provides unified security controls across all browsers within the organization.

View Software

DataBahn

DataBahn.ai is redefining how enterprises manage the explosion of security and operational data in the AI era. Our AI-powered data pipeline and fabric platform helps organizations securely collect, enrich, orchestrate, and optimize enterprise data—including security, application, observability, and IoT/OT telemetry—for analytics, automation, and AI. With native support for over 400 integrations and built-in enrichment capabilities, DataBahn streamlines fragmented data workflows and reduces SIEM and infrastructure costs from day one. The platform requires no specialist training, enabling security and IT teams to extract insights in real time and adapt quickly to new demands. We've helped Fortune 500 and Global 2000 companies reduce data processing costs by over 50% and automate more than 80% of their data engineering workloads.

View Software

WZSysGuard

WZIS Software Pty Ltd

It's for Linux/AIX/Solaris/MacOS/FreeBSD, has the more reliable FIM function, and more effective Intrusion Detection, plus commands execution protection against software-based key-stealing attacks. WZSysGuard is a robust UNIX/Linux intrusion detection and file integrity verification software that offers advanced protection for your system. Unlike other tools, it reduces false alarms and ensures complete coverage of security-sensitive files. WZSysGuard uses a SHA 384-bit checksum algorithm to detect file changes, even those made through non-filesystem interfaces, such as during maintenance when the system is booted from a DVD or network. It not only detects critical file changes but also identifies new filesystem mounts, network services, and kernel module loads. With a web-based security trap detection interface, WZSysGuard provides a comprehensive security solution that works with minimal overhead and maximum accuracy.

View Software

Libelle BusinessShadow

Libelle

With our Libelle BusinessShadow solution for disaster recovery and high availability, you can mirror databases and other application systems with a time delay. Your company is thus protected not only from the consequences of hardware and application errors, but also from the consequences of elemental damage, sabotage, or data loss due to human error. Our patented and dynamically adjustable time funnel temporarily stores the change logs before they are mirrored to the standby system. Switching over to this system in the event of an error or even maintenance can thus be carried out with impressive speed and without any fuss. The time funnel temporarily stores logs before they reach the standby system. You can quickly and easily switch to an error-free state. Your data is up to date and consistent, as it does not have to be laboriously reverted from a backup, but is temporarily stored in the time funnel.

View Software

Libelle DataMasking

Libelle

Libelle DataMasking (LDM) is a robust, enterprise-grade data masking solution that automates the anonymization of sensitive or personal data—such as names, addresses, dates, emails, IBANs, credit cards—and transforms them into realistic, logically consistent substitutes that maintain referential integrity across SAP and non‑SAP systems, including Oracle, SQL Server, IBM DB2, MySQL, PostgreSQL, SAP HANA, flat files, and cloud databases. Capable of processing up to 200,000 entries per second and supporting parallelized masking for massive datasets, LDM uses a multithreaded architecture to efficiently read, anonymize, and write data back with high performance. It features over 40 built‑in anonymization algorithms—such as number, alphanumeric, date shifting, name, email, IBAN masking, credit card obfuscation, and mapping algorithms—as well as templates for SAP modules (CRM, ERP, FI/CO, HCM, SD, SRM).

View Software

Biometric Anti-Fraud (BAF)

3DiVi

Biometric Anti-Fraud (BAF) is a technology stack for intelligent processing, analysis and recognition of images with an application scenario for remote human identification. Technology stack for online identity verification with NIST FRVT top-ranked face biometrics, advanced liveness detection and user session data monitoring for face authentication and identity fraud prevention in digital onboarding and eKYC services.

View Software

Ivanti Endpoint Security for Endpoint Manager

Ivanti

Endpoint Security for Endpoint Manager delivers powerful, integrated endpoint protection and unified management from within the familiar Ivanti console. It combines passive visibility, discovering and inventorying every IP-enabled device and installed software in real time, including rogue devices, with active control features such as application whitelisting, device control (USB/media lockdown and detailed copy logs) and antivirus orchestration (Ivanti AV or third-party engines) to detect and prevent threats before they spread. Automated patch management covers Windows, macOS, Linux, and third-party applications across on-site, remote, and offline devices, ensuring systems stay up to date without impacting users. When malware or ransomware does get through, the solution’s auto-isolation and remote-control capabilities contain infections instantly, kill malicious processes, notify connected machines, and remediate or reimage compromised endpoints.

View Software

Altered Security

Altered Security offers a hands-on cybersecurity education platform featuring Red Team labs, cyber ranges, bootcamps, and certifications designed for Active Directory, Azure, and enterprise security. Through self-paced on-demand labs and in-person sessions, participants gain access to realistic, fully patched environments along with preconfigured VMs, detailed video courses (11–14+ hours), lab manuals, walk-through videos, and instructor support. Courses such as Certified Red Team Professional (CRTP), Certified Red Team Expert (CRTE), and AD CS Attacks cover topics including enumeration, privilege escalation, Kerberos, certificate-based attacks, lateral movement, hybrid Azure-PHF, and cloud persistence. Labs simulate enterprise networks with multiple domains and forests, guiding learners from non‑admin starts to enterprise admin compromise, and include exam attempts for industry-recognized certifications.

View Software

IriCore

Iritech, Inc.

IriCore is the next generation of IriTech’s IrisSDK, delivering dramatically improved accuracy and matching speed through a new, compact template format optimized for network transmission and smart‑card storage. It incorporates industry‑leading iris‑recognition algorithms rigorously tested in NIST’s ICE and IREX evaluations and supports modern ISO image formats. IriCore runs seamlessly and reads and writes common industrial image formats such as BMP, JPG, JP2, and PNG. An optional module enables it to detect and adapt to images from either IriTech cameras or third‑party devices, while built‑in compression and decompression capabilities handle both lossy (JPG, JP2) and lossless (PNG) formats. Fully compliant with ISO 19794-6 and pre‑qualified for upcoming standards, including rectilinear, cropped, and ROI‑masked formats, it offers a robust, future‑proof SDK for end‑to‑end iris capture and matching solutions.

View Software

IriCoreLite

Iritech, Inc.

IriCoreLite is an iris recognition library that provides a comprehensive set of application programming interfaces and functions for developers and system integrators to build iris recognition–based applications. It is specifically designed for large‑scale iris identification deployments on PCs and enterprise systems using IriTech’s iris scanners. The library incorporates highly accurate iris segmentation for feature extraction based on variable multi‑sector analysis and non‑linear segmentation, a robust image enhancer to handle varying illumination levels and obstructions, and a powerful occlusion detection algorithm to remove eyelids and eyelashes. Its fast and accurate matching algorithm is optimized for large databases, while a strong image quality assessment component ensures reliable input. IriCoreLite’s algorithms have been rigorously evaluated in NIST tests and proven across public databases.

View Software

IriMaster

Iritech, Inc.

IriMaster is IriTech’s state‑of‑the‑art middleware server software providing a complete set of iris recognition functions, including enrollment, verification, identification, and de‑duplication, powered by advanced algorithms. Designed for seamless integration into legacy enterprise infrastructures, it addresses the demands of large‑scale biometric systems such as national ID programs, customs and border control, and access control. As a middleware component, IriMaster supports secure transactions and data exchange using SSL and WS‑Security standards, and ensures device‑level encryption via a PKI‑based security infrastructure. Its Web Service API enables scalable, service‑oriented deployments, supporting clients in Java, .NET, or web applications. The software delivers high availability through application server clustering and hardware redundancy, and scales from single‑PC setups to distributed server networks with load balancers.

View Software

Koi

Koi Security

Koi is a software supply chain security platform that helps organizations track, govern, and control installations across every endpoint. From browser extensions to IDE plug-ins, CI/CD tools, and AI models, Koi secures the blind spots where attackers often gain entry. Its Wings™ technology goes beyond surface scans by analyzing actual code for secrets, vulnerabilities, and malware while continuously updating risk scores. Koi combines marketplace scanning, publisher reputation intelligence, and dynamic code analysis to deliver real-time visibility and control. With features like automated approvals, preventive policies, and detailed risk reports, teams can block unsafe installs without slowing down adoption of safe tools. By making every install transparent and governable, Koi ensures enterprises can safely harness the full power of their software ecosystem.

View Software

VeriEye SDK

Neurotechnology

VeriEye SDK delivers advanced iris identification for secure stand-alone and client-server biometric applications. Built for developers and system integrators, it offers fast and accurate matching validated through NIST IREX evaluations. Its proprietary algorithm segments & recognises irises in difficult conditions, including partial eyelid obstruction and varied lighting. Adaptive shape modelling ensures precise boundary detection even when iris contours differ from perfect circles or ellipses. Liveness detection protects systems from spoofing attempts using photos or patterned contact lenses, while automatic left and right iris separation streamlines processing. Image quality checks ensure only high-grade templates are stored, supporting dependable 1-to-1 and 1-to-many performance. The SDK runs on Windows, Linux, macOS, iOS and Android, and provides programming support in C/C++, C#, VB .NET, Java and Python, offering a flexible and well-supported platform for modern biometrics.

Starting Price: €339.00

View Software

Mondoo

Mondoo is a unified security and compliance platform designed to drastically reduce business-critical vulnerabilities by combining full-stack asset visibility, risk prioritization, and agentic remediation. It builds a complete inventory of every asset, cloud, on-premises, SaaS, endpoints, network devices, and developer pipelines, and continuously assesses configurations, exposures, and interdependencies. It then applies business context (such as asset criticality, exploitability, and policy deviation) to score and highlight the most urgent risks. Users can choose guided remediation (pre-tested code snippets and playbooks) or autonomous remediation via orchestration pipelines, with tracking, ticket creation, and verification built in. Mondoo supports ingestion of third-party findings, integrates with DevSecOps toolchains (CI/CD, IaC, container registries), and includes 300 + compliance frameworks and benchmark templates.

View Software

Snow Software

We have brought together software asset management, cloud management and SaaS management so you can fully optimize all of your technology in one platform that seamlessly integrates with your enterprise ecosystem. Clearly see, understand and manage your entire technology landscape, both on-prem and in the cloud. Maximize the value of your technology investments with deep insights into usage, spend and vulnerabilities. Get the perspective and automation you need to anticipate and align with the rapidly evolving needs of your business. Fast implementation and intuitive design means you are saving money in weeks, not months. Break down your data silos to see on-prem, hybrid and cloud technologies together. Get clean and augmented data, updated daily and powered by the world's largest discovery catalog. Recommendations and self-service drive value, save time and increase productivity.

View Software

OX Guard

Open-Xchange

Security and data privacy is a growing concern. Today, both business users and consumers demand more privacy, without adding complexity to their daily tasks. OX Guard was designed specifically with this in mind. This PGP based security add-on for OX App Suite, integrates seamlessly into our existing email app, letting users encrypt and decrypt emails and files easily. There is a growing demand for privacy from users, while at the same time, they are concerned about increased complexity and reduced usability. OX Guard was designed to satisfy these concerns. An easy to use wizard lets users set up OX Guard quickly, with no additional security know-how. After set up users are able to encrypt and decrypt emails and files with just one click, integrating security seamlessly into day-to-day user workflows.

View Software

Best IT Security Software for Linux - Page 21

Compare the Top IT Security Software for Linux as of December 2025 - Page 21