Open Source Technologies

Tools developed to solve complex security issues are shared with the open source
community to help broaden adoption of higher security within organizations

A founding goal of Tresys was to innovate new technology to solve complex security challenges. An extensive research and development program focuses on achieving that goal. Tresys shares the results of our research with the open source community in order to broaden adoption and use of SELinux.

SELinux

Security Enhanced Linux (SELinux) is an open source security feature included in the Linux kernel and shipped as part of Red Hat Enterprise Linux, Ubuntu, WindRiver Linux, and other leading Linux distributions. The mandatory access controls features provided by SELinux, which are the result of years of research by the National Security Agency, provide the right features to address the root causes of todays' computer security challenges. Key benefits of using SELinux include the following:

  • Limits the threat of zero-day attacks
  • Reduces exposure due to poor patching
  • Provides security at the platform level, reducing the security burden placed on applications
  • Controls insider threats
  • Limits the damage caused by software bugs
  • Constrains administrative accounts
  • Provides ability to enforce secure application sandboxes

As such SELinux is the basis for many trusted and high assurance operating environments in the Department of Defense, Intelligence, financial, and critical infrastructure environments. Accordingly, Tresys contributes to many open source projects. Specific to SELinux, Tresys leads the following open source projects: