Open Sourcing Our Most Advanced Linux Security Engine: owlSM
LevelBlue + SentinelOne Partner to Deliver AI-Powered Managed Security Operations and Incident Response. Learn More
Submit RFP
Request a Demo
Home
SpiderLabs Blog
Open Sourcing Our Most Advanced Linux Security Engine: owlSM
Change theme to light
July 09, 2026
1 Minute Read
We at LevelBlue company have decided to do something for the community, with the hopes that more security vendors will follow suit.
For more than a year we have been developing an advanced open-source Linux engine we dubbed owLSM. This engine, which is accessible free of charge, has many unique features such as:
A full Sigma rules engine in the kernel, implemented with eBPF LSM (Linux Security Module).
Kernel prevention capabilities that allow us to block operations before they occur.
Broad anti-tampering capabilities.
Security-focused system monitoring where each event contains all the context a security expert needs.
Why We Created This Project
After years of using tools such as Tetragon and Falco, we kept running into the same issues. These solutions offer little to no prevention (enforcement) capabilities. Those that do offer enforcement policies lack basic features, including regex matching, stateful detections, and many more.
Who Is It For
Teams and companies that protect Linux and cloud environments. Developers who are looking for implementation examples of complex eBPF solutions.
How Can You Help
Try it, give us feedback, tell us what features you would like to see next. Send us good feature ideas or contributions, and we will honor your name on the project page. And most importantly, support us by giving the project a GitHub star. By giving us a star, you prove that our decision to open-source owLSM was correct and encourage more vendors to do the same.
Share:
Copy Link<br>Link Copied
v2<br>LinkedIn
Stay Informed<br>Sign up to receive the latest security news and trends straight to your inbox from LevelBlue.
Stay Informed:
Subscribe
Stay Informed<br>Sign up to receive the latest security news and trends straight to your inbox from LevelBlue.
VIDEO
LevelBlue SpiderLabs
ABOUT LEVELBLUE
LevelBlue secures what's next with intelligence-led security delivering visibility and speed to stop threats faster. As the world’s largest and most analyst-recognized pure-play managed security services provider, our AI-powered managed services and cyber expertise across managed, advisory, and incident response services help clients operate with confidence. Learn more about us.
https://www.levelblue.com/resources/blogs/internal-blog/how-to-create-a-blog-post/
News
Tips & Tricks
Latest Intelligence
Hiding in the Chain: Multi-Stage LNK Attack Leveraging TON Blockchain to Deliver Node.JS Backdoor
From Phishing to Persistence: A CrySome RAT Infection Chain Analysis
AsyncRAT and Remcos Delivered in Multi-Stage Phishing Campaign
Related Offerings
Penetration Testing
Incident Readiness and Response
Cyber Threat Intelligence
Threat Hunting
Discover how our specialists can tailor a security program to fit the needs of<br>your organization.
Request a Demo
Stay Informed
Sign up to receive the latest security news and trends straight to your inbox from LevelBlue.
View All Services
Our History
Press Releases
Media Coverage
Careers
Contact
Submit RFP
Free Trials
Training & Certification
Support
Success Center
Documentation Center
Legal
Terms of Usage
Privacy Policy
Your Privacy Choices
© Copyright 2026