RUNTIME SECURITY THAT WORKS IN REAL-TIME.
WORRIED ABOUT CLOUD COSTS?
Have you evaluated the resource consumption of legacy security tools that you may be running? In our tests, Gartner leaders consumed more than 50% CPU overhead. Assess your environment with our open-source benchmarking tool, SecurityPerf. ZeroLock is built to be agile on Linux, consuming <5% CPU overhead and only 50MB of RAM to leave your cloud resources open for the work you want them to do.
GET UP AND RUNNING FAST WITH ONE-LINE DEPLOYMENT.
- Public, Private, or Hybrid Cloud (Bare Metal/VMs, Containers, Kubernetes)
- On-premises / Private Data Center
- Embedded Systems and Controllers
- Air-gapped Environments
ENSURE UPTIME WITH AI AND AUTOMATED FILE ROLLBACK.
ZeroLock’s patent-pending AI/ML-based behavioral capability detects malware by the actions it performs, not by scanning for easily defeated file hashes. Our proprietary algorithms detect and stop traditional and fileless attacks in real-time with >98% efficacy and offer the ability to automatically remediate file damage with no user intervention required—helping you to ensure zero downtime.
- Ransomware Protection
- Wiperware Protection
- Cryptojacking Protection
- Automated Attacker Persistence Removal
- Real-time Threat Remediation
- Automated File Rollback
- Fully Automated Process Tree Creation
PREVENT ATTACKS WITH REAL-TIME VIRTUAL PATCHING.
ZeroLock goes beyond traditional mandatory access control capabilities. In contrast to SELinux and AppArmor, ZeroLock offers easily configured and universally applied rules and policies that can be deployed across all your Linux and cloud environments from a single console. Examples of our control capabilities include:
- SSH Multifactor Authentication (MFA)
- Process Behavior Controls
- Network Access Controls
- File Access Controls
- Canary Files
- Tamper Protection
API-FIRST ARCHITECTURE FOR SIEM/SOAR INTEGRATIONS.
For teams that have existing platforms in place that they don’t want to disrupt—for their Windows endpoints for instance—ZeroLock has an API-first architecture with SIEM/SOAR integration capabilities to work into your environment, so you can have the best Linux security without sacrificing ease of management.
24-7 SUPPORT, EVERY STEP OF THE WAY.
ZeroLock® Endpoint Agent Requirements
Linux, kernel v3.5 or higher. Distribution agnostic.
x86-64, ARM-64 (coming soon)
No kernel modification or modules required
ZeroLock runs on Bare Metal, VMs, and containers—including public / private / hybrid cloud instances
- Curl-based command installer
- Wget-based command installer
- Tar.gz file-based installer
- Bash script self-extracting file-based installer
- Deploy via containers (e.g. Docker)
- Deploy via orchestrated containers (e.g. Kubernetes or OpenShift)
ZeroLock® Server Requirements
100GB (dependent on number of endpoints and data retention duration)
4 or more recommended
Latest version of Docker installed.
ZeroLock® Bidirectional API-First Architecture
- SIEM: Splunk
- SOAR: Swimlane