Zero Lock

LINUX SECURITY

DONE RIGHT.

Video image
Get a Demo
Zero Lock

LINUX SECURITY

DONE RIGHT.

Designed specifically for Linux, ZeroLock™ combines sophisticated lockdown capabilities with proprietary behavioral detection algorithms to secure your Linux workloads and devices far more effectively than legacy Linux security tools. We focus on delivering maximal protection against attacks, using minimal compute resources—and doing so in a way that’s easy on your budget and staff, too. Dive deeper here.

EASY TO DEPLOY – EVERYWHERE

With many options for installation that work across all Linux distros and with no need for kernel modules, ZeroLock™ can protect all your Linux workloads quickly, without compromising system stability. The ZeroLock™ Server can be self-hosted, either on-premises or in your public/private cloud. Alternatively, you can take advantage of our ZeroLock™ SaaS backend and be up and running in minutes. Whether connected or disconnected, ZeroLock™ offers the same protection.

    • Public Cloud—Bare Metal/VMs, Containers, Kubernetes
    • Private Cloud—Bare Metal/VMs, Containers, Kubernetes
    • Hybrid Cloud
    • On-premises / Private Data Center
    • IoT / Edge Devices (connected or disconnected)
    • Embedded Systems and Controllers
    • Air-gapped Environments

Dive deeper into container protection for Linux here.

Easy to Deploy

PREVENT ATTACKS FROM BEING LAUNCHED

Prevent Attacks
Prevent Attacks

ZeroLock™ goes beyond traditional mandatory access control capabilities. In contrast to SELinux and AppArmor, ZeroLock™ offers easily configured and universally applied rules and policies that can be deployed across all your Linux and cloud environments from a single console. Examples of our control capabilities include:

    • SSH Multifactor Authentication (MFA)
    • Process Behavior Controls
    • Network Access Controls
    • File Access Controls
    • Canary Files
    • Tamper Protection

To make things as easy as possible for you, a recommended set of lockdown rules is published by Vali Cyber’s Threat Intelligence Team. Our rules are created and updated regularly using relevant Linux and Linux application CVEs and recommendations from groups like MITRE and CIS to provide protection against known and zero-day attack vectors. Compare ZeroLock™ and SELinux here.

STOP ATTACKS AND REPAIR ANY DAMAGE.

The patent-pending AI/ML-based behavioral detection capability of ZeroLock™ detects malware by the actions it performs, not scanning for easily defeated file hashes. Our proprietary algorithms detect and stop traditional and fileless attacks and offer the ability to automatically remediate file damage with no user intervention required—helping you to ensure zero downtime. See how ZeroLock™ protects a WordPress server here.

    • Ransomware Protection
    • Wiperware Protection
    • Cryptojacking Protection
    • Automated Attacker Persistence Removal
    • Fully Automated File Remediation
    • Fully Automated Process Tree Creation
Solution

TESTED BY LINUX SECURITY EXPERTS.

TECH SPECS

ZeroLock™ Endpoint Agent Requirements

OS

Linux, kernel v3.5 or higher. Distribution agnostic.

Processor

x86-64, ARM-64 (coming soon)

Memory

50MB

Disk Space

100MB

Kernel Mods.

No kernel modification or modules required

VM/Container Support

ZeroLock™ runs on Bare Metal, VMs, and containers—including public / private / hybrid cloud instances

Installation Methods

  • Curl-based command installer
  • Wget-based command installer
  • Tar.gz file-based installer
  • Bash script self-extracting file-based installer
  • Deploy via containers (e.g. Docker)
  • Deploy via orchestrated containers (e.g. Kubernetes or OpenShift)

ZeroLock™ Server Requirements

RAM

8GB

Disk Space

100GB (dependent on number of endpoints and data retention duration)

CPU Cores

4 or more recommended

Installation Reqs.

Latest version of Docker installed.

Get a Demo