Open Sourcing Our Most Advanced Linux Security Engine: OwlSM

speckx1 pts0 comments

Open Sourcing Our Most Advanced Linux Security Engine: owlSM

LevelBlue + SentinelOne Partner to Deliver AI-Powered Managed Security Operations and Incident Response. Learn More

Submit RFP

Request a Demo

Home

SpiderLabs Blog

Open Sourcing Our Most Advanced Linux Security Engine: owlSM

Change theme to light

July 09, 2026

1 Minute Read

We at LevelBlue company have decided to do something for the community, with the hopes that more security vendors will follow suit.

For more than a year we have been developing an advanced open-source Linux engine we dubbed owLSM. This engine, which is accessible free of charge, has many unique features such as:

A full Sigma rules engine in the kernel, implemented with eBPF LSM (Linux Security Module).

Kernel prevention capabilities that allow us to block operations before they occur.

Broad anti-tampering capabilities.

Security-focused system monitoring where each event contains all the context a security expert needs.

Why We Created This Project

After years of using tools such as Tetragon and Falco, we kept running into the same issues. These solutions offer little to no prevention (enforcement) capabilities. Those that do offer enforcement policies lack basic features, including regex matching, stateful detections, and many more.

Who Is It For

Teams and companies that protect Linux and cloud environments. Developers who are looking for implementation examples of complex eBPF solutions.

How Can You Help

Try it, give us feedback, tell us what features you would like to see next. Send us good feature ideas or contributions, and we will honor your name on the project page. And most importantly, support us by giving the project a GitHub star. By giving us a star, you prove that our decision to open-source owLSM was correct and encourage more vendors to do the same.

Share:

Copy Link<br>Link Copied

v2<br>LinkedIn

Facebook

Stay Informed<br>Sign up to receive the latest security news and trends straight to your inbox from LevelBlue.

Stay Informed:

Subscribe

Stay Informed<br>Sign up to receive the latest security news and trends straight to your inbox from LevelBlue.

VIDEO

LevelBlue SpiderLabs

ABOUT LEVELBLUE

LevelBlue secures what's next with intelligence-led security delivering visibility and speed to stop threats faster. As the world’s largest and most analyst-recognized pure-play managed security services provider, our AI-powered managed services and cyber expertise across managed, advisory, and incident response services help clients operate with confidence. Learn more about us.

https://www.levelblue.com/resources/blogs/internal-blog/how-to-create-a-blog-post/

News

Tips & Tricks

Latest Intelligence

Hiding in the Chain: Multi-Stage LNK Attack Leveraging TON Blockchain to Deliver Node.JS Backdoor

From Phishing to Persistence: A CrySome RAT Infection Chain Analysis

AsyncRAT and Remcos Delivered in Multi-Stage Phishing Campaign

Related Offerings

Penetration Testing

Incident Readiness and Response

Cyber Threat Intelligence

Threat Hunting

Discover how our specialists can tailor a security program to fit the needs of<br>your organization.

Request a Demo

Stay Informed

Sign up to receive the latest security news and trends straight to your inbox from LevelBlue.

View All Services

Our History

Press Releases

Media Coverage

Careers

Contact

Submit RFP

Free Trials

Training & Certification

Support

Success Center

Documentation Center

Legal

Terms of Usage

Privacy Policy

Your Privacy Choices

© Copyright 2026

security levelblue linux engine open owlsm

Related Articles