Intezer Protect
for Linux Servers

Complete runtime visibility and protection
for your virtual and bare metal Linux server workloads

Intezer Protect provides day-one protection for your entire Linux-powered environment, from the data center to the cloud, including your Kubernetes clusters and standalone VMs. Since this is done at runtime, regardless of the diversity of your Linux infrastructure, Intezer Protect ensures your workloads are running securely, while detecting and responding to modern cyber attacks.
In a study conducted by researchers at Team CYRU, 78% or 6,931 known Linux threats were undetected by top-30 AV products.
Linux is not secure by default.
Traditional Antivirus/EDR products slow down performance.
With an emphasis placed on protecting Windows endpoints, the industry is struggling to detect Linux threats.

Detect attacks and breaches on your Linux VMs and bare metal servers

  • Detect the execution of malicious or unauthorized code.
  • Detect supply chain attacks and malicious injections.
  • Detect exploitation of known and unknown vulnerabilities.
  • Detect suspicious shell commands and Living off the Land (LotL) attacks.

Response and forensic capabilities for Linux

  • Quickly terminate any unauthorized code without harming production.
  • Contextual alerts including origin of code and malware family.
  • Root cause analysis for incidents; identify the point of compromise to quickly fix a vulnerability.
  • Seamlessly integrate with tools such as SIEM, SOAR and even Slack.
  • Easily understand what kind of threat you are facing using embedded malware analysis capabilities.

Gain visibility and control over your code in production

  • Continuously monitors your entire runtime stack for every line of code and application that is running. Whether third party libraries, proprietary software or operating system code, Intezer organizes this mess for you, giving you full runtime protection.
  • Bring it all together by securing all types of technologies powered by your Linux servers (containers, K8s, OpenShift), and all cloud providers (AWS, GCP, Azure) with one unified platform.
  • Identify risky software used in attacks such as TeamTNT abusing the legitimate Weave Scope container admin tool.

Reduce your attack surface

  • Detect vulnerabilities in Linux packages at runtime.
  • Prioritize active vulnerable packages based on what is actually running.
  • Detect misconfigurations according to Linux CIS benchmarks.

Meet compliance requirements for Linux and cloud environments

  • Using our built-in capabilities such as File Integrity Monitoring (FIM), Antivirus, HIDS, Anti-malware and more, you can easily demonstrate your compliance with industry regulations such as:
    – SOC-2
    – PCI DSS
    – HIPAA
    – CIS and NIST frameworks

Why Intezer Protect?

1Best detection rate against Linux cloud threats

Mean-Time-to-Detection (MTtD) is critical for reducing bad actor dwell time
We detect threat variants by recognizing even the slightest amount of malicious code reuse. This has proven to be the fastest to identify attacks in Linux and containerized environments.

2Simplified management without complex configuration policies

Doesn’t require maintaining countless policies and container profiles
Most runtime solutions are based on behavioral profiling which generates high false positives and requires constant tweaking of rules and policies. Our core detection strategy is based on detecting unauthorized code instead of a set of rules. The result is very few false positives, and contextualized alerts indicating only real attacks.

3Enterprise-capable with easy-to-deploy, lightweight agent

Perfect for highly scalable containerized environments
On average, Intezer Protect only consumes ~0.5% CPU and works seamlessly with Infrastructure as Code (IaC) tools to provide an easy deployment experience.

Get Started

Don’t take our word for it. Try it out for yourself.
With the Intezer Protect Community Edition you can:

Protect up to 10 hosts for free

Detect and terminate unauthorized and malicious code in runtime

Monitor and log any new application running in your cloud environment

(No credit card required)
Interactive Sandboxing is almost here!Interactive Sandboxing is almost here! Get early access
Generic filters
Exact matches only
Search in title
Search in content
Search in excerpt