🛡️ Enforce filesystem and network restrictions on processes with a lightweight sandboxing tool, enabling safer AI agent behavior at the OS level.

Horizontally scalable, highly available, key-value storage service with distributed transaction support written in C++

K.I.S.S. LSM-tree implementation in safe Rust

Runtime Security Enforcement System. Workload hardening/sandboxing and implementing least-permissive policies made easy leveraging LSMs (LSM-BPF, AppArmor).

Runtime Security & Alignment Layer for Autonomous AI Agents. eBPF-based sandbox with DEFCON threat levels and Cgroup isolation.

real linux protection using real linux prevention

Unified eBPF Security Engine — XDP Firewall + Syscall Monitor + LSM Enforcer

eBPF Security Monitoring Agent Based on Aya

My local AppArmor profiles for apps that can use those

A closed-loop security runtime preventing "The Great Exfiltration" and Indirect Prompt Injection in Autonomous AI Agents.

🗻 Log-structured, embeddable key-value storage engine written in Rust

Deep Learning project for time-series risk prediction using an LSTM neural network. End-to-end pipeline from preprocessing to evaluation on the Jena Climate dataset.

vArmor is a cloud native container sandbox system based on AppArmor/BPF/Seccomp. It also includes multiple built-in protection rules that are ready to use out of the box.

New implementation of Linux Security Module

A number of utilities for writing ACSL specifications for a Linux module.

A high-performance key-value storage engine based on the LSM-Tree architecture, written in Go.

Replicated Data eXchange format C lib

micromize is a security hardening tool designed to detect and break the post-exploit kill chain for containerized applications, leveraging BPF LSM.

Log Structured Merge Tree (LSM) Demo

Manage your Linux servers on the go! LSM is a Flutter-based mobile app providing a user-friendly interface for system monitoring and administration over SSH