Operating system security

OpenVZ (Open Virtuozzo) is an operating system-level virtualization technology for Linux.

Docker is an open-source project that automates the deployment of Linux applications inside software containers.

LXC (Linux Containers) is an operating-system-level virtualization method for running multiple isolated Linux systems (containers) on a control host using a single Linux kernel.

PaX is a patch for the Linux kernel that implements least privilege protections for memory pages.

grsecurity is a set of patches for the Linux kernel which emphasize security enhancements.

NixOS is a Linux distribution that aims to improve the state of the art in system configuration management.

The Openwall Project is a source for various software, including Openwall GNU/*/Linux (Owl), a security-enhanced operating system designed for servers.

cgroups (abbreviated from control groups) is a Linux kernel feature that limits, accounts for, and isolates the resource usage (CPU, memory, disk I/O, network, etc.) of a collection of processes.

In Unix-like operating systems, chmod is the command and system call which may change the access permissions to file system objects (files and directories).

AppArmor ("Application Armor") is a Linux kernel security module that allows the system administrator to restrict programs' capabilities with per-program profiles.

Subgraph OS is a Linux distribution designed to be resistant to surveillance and interference by sophisticated adversaries over the Internet.

ZeroVM is an open source light-weight virtualization and sandboxing technology.

Whonix is a Debian GNU/Linux based security-focused Linux distribution.

SetACL is a freeware utility for manipulating security descriptors on Microsoft Windows.

The XTS-400 is a multi-level secure computer operating system.

Namespaces are a feature of the Linux kernel that isolates and virtualizes system resources of a collection of processes.

This is a list of operating systems with a sharp security focus.

Microsoft Baseline Security Analyzer (MBSA) is a software tool released by Microsoft to determine security state by assessing missing security updates and less-secure security settings within Microsoft Windows, Windows components such as Internet Explorer, IIS web server, and products Microsoft SQL Server, and Microsoft Office macro settings.

Lastline, Inc. is an American cyber security company and breach detection platform provider based in Redwood City, California.

VMRay is a German CyberSecurity company based in Bochum, Germany.

OpenBSM is an open source implementation of Sun's Basic Security Module (BSM) Audit API and file format.

Process isolation is a set of different hardware and software technologies designed to protect each process from other processes on the operating system.

(For other uses, see Qubes (disambiguation).) Qubes OS is a security-focused desktop operating system that aims to provide security through isolation.

Flatpak, named xdg-app until May 2016, is a system for application virtualization for Linux desktop computer environments.