OpenVZ (Open Virtuozzo) is an operating system-level virtualization technology for Linux.
Docker (software)
Docker is an open-source project that automates the deployment of Linux applications inside software containers.
LXC
LXC (Linux Containers) is an operating-system-level virtualization method for running multiple isolated Linux systems (containers) on a control host using a single Linux kernel.
PaX
PaX is a patch for the Linux kernel that implements least privilege protections for memory pages.
Grsecurity
grsecurity is a set of patches for the Linux kernel which emphasize security enhancements.
NixOS
NixOS is a Linux distribution that aims to improve the state of the art in system configuration management.
Openwall Project
The Openwall Project is a source for various software, including Openwall GNU/*/Linux (Owl), a security-enhanced operating system designed for servers.
Cgroups
cgroups (abbreviated from control groups) is a Linux kernel feature that limits, accounts for, and isolates the resource usage (CPU, memory, disk I/O, network, etc.) of a collection of processes.
Chmod
In Unix-like operating systems, chmod is the command and system call which may change the access permissions to file system objects (files and directories).
AppArmor
AppArmor ("Application Armor") is a Linux kernel security module that allows the system administrator to restrict programs' capabilities with per-program profiles.
Subgraph (operating system)
Subgraph OS is a Linux distribution designed to be resistant to surveillance and interference by sophisticated adversaries over the Internet.
ZeroVM
ZeroVM is an open source light-weight virtualization and sandboxing technology.
Whonix
Whonix is a Debian GNU/Linux based security-focused Linux distribution.
SetACL
SetACL is a freeware utility for manipulating security descriptors on Microsoft Windows.
XTS-400
The XTS-400 is a multi-level secure computer operating system.
Linux namespaces
Namespaces are a feature of the Linux kernel that isolates and virtualizes system resources of a collection of processes.
Security-focused operating system
This is a list of operating systems with a sharp security focus.
Microsoft Baseline Security Analyzer
Microsoft Baseline Security Analyzer (MBSA) is a software tool released by Microsoft to determine security state by assessing missing security updates and less-secure security settings within Microsoft Windows, Windows components such as Internet Explorer, IIS web server, and products Microsoft SQL Server, and Microsoft Office macro settings.
Lastline
Lastline, Inc. is an American cyber security company and breach detection platform provider based in Redwood City, California.
VMRay
VMRay is a German CyberSecurity company based in Bochum, Germany.
OpenBSM
OpenBSM is an open source implementation of Sun's Basic Security Module (BSM) Audit API and file format.
Process isolation
Process isolation is a set of different hardware and software technologies designed to protect each process from other processes on the operating system.
Qubes OS
(For other uses, see Qubes (disambiguation).) Qubes OS is a security-focused desktop operating system that aims to provide security through isolation.
Flatpak
Flatpak, named xdg-app until May 2016, is a system for application virtualization for Linux desktop computer environments.