Security-Enhanced Linux (SELinux) is a security enhancement to Linux that provides a mechanism for enforcing the security of the system. Read more hot
AntiJOP is a proof-of-concept program, the purpose of which is to demonstrate that the specific bytes that enable JOP and ROP attacks on 64-bit x86 computers can be removed from the object code of programs during the assembly phase.
AppArmor is an access control system that lets you specify per program which files the program may read, write, and execute. AppArmor secures applications by enforcing good application behavior without relying on attack signatures, so it can prevent attacks even if they are exploiting previously unknown vulnerabilities. Read more
Cuckoo Sandbox is a malware analysis system. Its goal is to provide you a way to automatically analyze files and collect comprehensive results describing and outlining what such files do while executed inside an isolated environment.
(commercial) dotDefender secures Web sites against a broad range of HTTP-based attacks, including session attacks (e.g. denial of service), Web application attacks (e.g. SQL injection, cross-site scripting, and known attack signatures), as well as requests originating from known attack sources (e.g. spammer bots and compromised servers). dotDefender installs within moments on the Web server along with a predefined, configurable rule-base, enabling it to secure the Web environment from the moment it is deployed, with virtually no administrator intervention.
Moloch is an open source, large scale, full packet capturing, indexing, and database system. Moloch augments your current security infrastructure to store and index network traffic in standard PCAP format, providing fast, indexed access.
ODESSA is the Open Digital Evidence Search and Seizure Architecture, a cross-platform framework for performing Computer Forensics and Incident Response. Read more
OpenDNSSEC is software that manages the security of domain names on the Internet.
QuintoLabs Content Security
(commercial) QuintoLabs Content Security is designed to filter Web traffic, block downloads, viruses, and malware, erase advertisements, and restrict access to Web sites based on their categories on all recent versions of Squid proxy server.
The Simplified Mandatory Access Control Kernel (Smack) provides a Linux kernel based Mandatory Access Control (MAC) mechanism for protecting processes and data from inappropriate manipulation. Read more