Atomic Secured Linux
The Industry's Only Complete Security Solution for Linux Servers
Atomic Secured Linux was born from the Atomicorp/Prometheus team's numerous consulting engagements with commercial clients and government agencies where the highest degree of security is needed. As experts and early pioneers in this field, the Atomicorp/Prometheus team was faced with the critical need for a complete security solution for their clients; a need in which no product existed. From this need, Atomicorp's flagship product, Atomic Secured Linux was developed, building upon more than 10 years of research and development and more than 20 years of expertise in the field.
Today, Atomic Secured Linux (ASL) is recognized as the only product of its kind and the most secure protection available for Linux web servers. ASL is a Unified Threat Manager that hardens both your web applications and operating system in addition to incorporating numerous proprietary security functions and methodologies.
Unlike other expensive security "solutions" that attempt to achieve security through signature-based detection, known-vulnerability patching and other reactive methods, ASL provides real proactive security by immunizing the entire system against whole classes of vulnerabilities; combining security at all layers, from the firewall to your applications and services, and all the way down to the kernel.
Atomic Secured Linux is essential for public-facing server and shared-hosting environments such as cloud and web hosting servers, multiuser systems, CRM's, ERPs, forums, and shopping carts; helping ensure that your system is secure and compliant with commercial and government security standards.
• Provides Security to all Layers, from the Web Server to the Kernel
Atomic Secured Linux Provides an Immediate Solution for the Following Challenges:
Easy to Use
We designed ASL so that anyone can use it and so that it works out of the box to protect your system. ASL does not require you to be a security expert. We built ASL so that anyone can protect their systems without any security background at all. With ASL you can have the same level of protection that comes with a team of security experts, all wrapped up into one product.
Unlike other security products, Atomic Secured Linux does not depend on signatures that require constant updating as it includes technology to proactively detect and stop entire classes of attacks such as code injection, protocol violations, SQL injection, cross site scripting and more!
ASL is in its seventh year of development and is a mature, reliable product brought to you by noted experts and founders of security and web hosting product companies. When you use ASL, you are not only using the software but the collected experience of our team of security and systems experts. We know and love Linux, and when you use ASL you get that same attention to detail we not only give to our customers, but our own systems. We use every feature in ASL on every Linux system we use. You can depend on ASL, because we depend on it too.
• Access to world class security experts
• Instant built-in support with our automated reporting system. A single click within the ASL GUI causes the system to open a case in our support portal system and our security experts will begin working on your issue. Its like having a Tier 5 security help desk at your command!
• Security event log analysis assistance
• Access to the Atomicorp Support Portal
• Basic installation and deployment assistance
• Development of new rules based on request
• Real-time rule updates*
Note: Priority/Premium support options including phone support and professional services are also available.
* Free False Positive and False Negative updates are available for most popular publicly available web applications. For other applications fees apply. Determination of what applications meet this criteria is at the sole discretion of Atomicorp.
Atomic Secured Linux is offered direct from Atomicorp for just $29.95 a month or $199.95 a year per server. To purchase a license, please see the Atomicorp Store.
A 30 day, zero risk, no obligation trial is also offered. To order a 30-day trial of ASL, please see our ASL Free Trial page. No credit card information is needed for this option.
For additional information such as FAQs, installation instructions, compatibility information, and other detailed technical information, please see the Atomicorp Documentation Wiki.
For a listing and comparison of Atomicorp product features, please see the Atomicorp Product Comparison page.
Complete Intrusion Protection - Everything you need to protect your server in one product!
• HIPS - Host Intrusion Prevention System: includes built-in rootkit detection and prevention.
• KIPS - Kernel Intrusion Prevention System: prevents insertion of rootkits and malware into kernel, protects against memory and stack based attacks and other methods rootkits use to take over your system, Role Based and Mandatory Access Control, Trusted Path and more!
• WIPS/WAF - Web Intrusion Prevention System/Web Application Firewall: Application layer firewalling using the industry leading GotRoot Real Time ModSecurity rules created by Atomciorp and optimized for web hosting environments. A must for PCI-DSS compliance! Protects against cross site scripting, SQL injection, remote code inclusion, directory recursion and many many other web based attacks. Plus, it intelligently detects search engines to prevent accidental blocking of webcrawlers.
Stateful Packet Inspection Firewall
• Quick and easy setup for powerful stateful firewall
• Advanced firewall management GUI for advanced users
Realtime Shunning/Firewalling and Blocking of Attack Sources, including user control over automatic "deshunning" time lines.
• Realtime blacklisting of spammers, malware and attackers.
• Repeat offender shunning (automatically increases with repeated attacks).
• Full RBL support - works with all DNS based RBLs such as spamhaus and others.
• Geoblocking based on countries.
Brute Force Attack Detection and Prevention
• Detects and blocks brute force and "low and slow" attacks on the systems daemons including, ssh, mysql, ftp, mail servers, control panels, suhosin failures, samba and others.
• Detects and blocks brute force and "low and slow" attacks on web applications! Intelligently identifies when a web application has denied access, even complex applications! Not a simple tool that just looks for htaccess failures, this is a real web application brute force protection system.
Automatic Self Healing System - ASL is truly unlike any other security product! Not only will ASL protect your system, but it will also automatically fix problems on the system as they occur. From crashed processes, to broken applications and system errors, you name it! ASL intelligently analyzes the systems logs and condition, and will take action to repair errors, fix misconfigurations, protect processes and so much more. And the Self Healing system is flexible too, using an XML based system to allow you to easily create your own self healing rules.
"Just in Time" Virtual Patching for web applications. Helps to protect vulnerable applications that can not be patched immediately.
Automated File Upload Scanning Protection - realtime prevention of malicious file uploads such as rootkits, viruses, worms, shells, spambots and more!. Scans all Web, FTP and SSH based file uploads. Files can be quarantined for further investigation, or can be automatically deleted before they are ever uploaded to the system!
Built in Vulnerability and Compliance Scanner and Remediation System - ensures that your system is operating in a safe, secure and compliant manner.
Suspicious Event Detection and Notification
• Detects suspicious events and events of importance and sends alerts. Events such as privilege escalation (su events), log ins at strange times, software installation and modification, file privilege changes and more!
• Detects suspicious processes, files, user actions, hidden ports, kernel activity, open ports and other indicators of unauthorized activity or compromise.
Web Comment/Blog/Referrer Spam Protection
Denial of Service Protection
• Realtime malware/virus/trojan protection from web, file and local based attacks.
• Real Time malware removal system - helps protect a system from accidentally serving up malware.
• Includes Real Time malware, antivirus, and rootkit signatures.
• Third party signatures such as Google Blacklists, SaneSecurity, SecuriteInfo, MalDet and others.
Auto-learning Role Based Access Control. Easier to use than SELinux!
• An intelligent and highly secure robust Role-Based Access Control (RBAC) system that can generate least privilege policies for your entire system with no configuration, from the Grsecurity project.
• Auto-learning mode - allows you to generate your own top down least privilege policies.
• ASL also supports SELinux policies.
Data Loss Protection and Real Time Web Content Redaction System - prevents data leakage of information, such as credit cards, SSNs or other sensitive customer data.
Automated Secure Log Management with Secure Remote Logging - intelligent log reduction, event detection and alerting! Ships with a world class set of policies that requires no tuning or configuration and works out of the box to detect intrusions, policy violations and system emergencies.
• Real-time e-mail notifications of attacks and system emergencies.
• GUI management of alerting rules and per domain controls.
• Intelligent log reduction and event detection.
• Event correlation.
• Easy to use XML based policies for custom event detection and alerting.
Web Based GUI Management
• Domain based control over security features.
• Easy to use GUI rule manager for detection and prevention rules and alerts.
• Works with virtual and real servers.
Advanced Kernel Protection: The most secure kernel available for Linux, including state of the art kernel protection from the PaX and grsecurity projects.
• More secure and powerful than standard Linux kernels.
• Prevents rootkit installations, detects and stops application attacks such as buffer overflows, brute force attacks and more.
• Includes powerful immunizations against kernel and software vulnerabilities not found in standard Linux kernels.
• Protects your Linux server against entire classes of exploits in services on the system, such as vulnerabilities in apache, mysql, postgres, bind, secure shell (ssh), control panels and others.
Trusted Path Execution - restricts untrusted users such as apache to execute only trusted applications and commands thus simply preventing a whole class of exploit techniques used by attackers, or internet worms. This can also be used to automatically prevent your users from executing and even uploading dangerous software to your servers!
Built in Virtualization: ASL also includes the KVM/QEMU, lguest and VServer virtualization technologies.
Auto Healing/Hardening: Automatically hardens Linux servers based on security policies, and ships with a world class set of policies developed by our security experts.
• Automatically disables unsafe functions in web technologies such as PHP to help prevent entire classes of vulnerabilities.
• Specially hardened chroot capabilities, and protection against exploitable null-pointer dereference bugs in the kernel, and other enhancements from the Grsecurity project.
• Users are restricted to only view their processes.
• Sensitive kernel functions are denied to normal users.
Please see the Atomicorp Documentation Wiki for FAQs, installation instructions, compatibility information, and other detailed technical information. Atomic Secured Linux is a registered trademark of Atomicorp.