{{Short description|None}} {{Use dmy dates|date=July 2018}}
This is a list of operating systems specifically focused on security. Similar concepts include security-evaluated operating systems that have achieved certification from an auditing organization, and trusted operating systems that provide sufficient support for multilevel security and evidence of correctness to meet a particular set of requirements.
== Linux == {{Main|Linux}}
=== Android-based === {{Main|Android (operating system)}} * GrapheneOS is a security-focused, Android-based mobile OS that uses a hardened kernel, C library, custom memory allocator (<code>hardened_malloc</code>), and a hardened Chromium-based browser named Vanadium. It also offers privacy/security features, such as Duress PIN/Password or disabling the USB-C port at a driver/hardware level to avoid exploitation. It deploys exploit mitigations such as hardware-based memory tagging, secure app spawning, restricted dynamic code loading, and more.<ref>{{Cite web |title=Features overview {{!}} GrapheneOS |url=https://grapheneos.org/features |access-date=2026-03-31 |website=grapheneos.org |language=en}}</ref>
=== Debian-based === {{Main|Debian}} * Linux Kodachi is a security-focused operating system.<ref>{{Cite web |last=Choudhury |first=Ambika |date=2019-06-04 |title=10 Most Secured Linux Distros For Advanced Privacy & Security |url=https://analyticsindiamag.com/ai-mysteries/10-most-secured-linux-distros-for-advanced-privacy-security/ |access-date=2024-11-01 |website=AIM |language=en-US}}</ref> * Tails is aimed at preserving privacy and anonymity.<ref>{{cite web | url = https://lwn.net/Articles/440279/ | title = The Amnesic Incognito Live System: A live CD for anonymity [LWN.net] | last = Vervloesem | first = Koen | date = 27 April 2011 | website = lwn.net | access-date = 14 June 2017 | archive-url = https://web.archive.org/web/20170821050853/https://lwn.net/Articles/440279/ | archive-date = 21 August 2017 | url-status = live}}</ref> * KickSecure is a security-focused Linux distribution that aims to be "hardened by default". It uses network hardening, kernel hardening, Strong Linux User Account Isolation, better randomness, root access restrictions, and app-specific hardening.<ref>{{Cite web |date=2026-01-29 |title=Kicksecure - A Security Hardened Linux Distribution |url=https://www.kicksecure.com/wiki/About |access-date=2026-03-31 |website=Kicksecure |language=en}}</ref> ** Whonix is an anonymity focused operating system based on KickSecure. It consists of two virtual machines, And all communications are routed through Tor.<ref>{{cite web |url=https://www.theregister.co.uk/2012/11/13/whonix/ | title=Devs cook up 'leakproof' all-Tor untrackable platform | publisher=The Register | date=13 Nov 2012 | access-date=10 July 2014}}</ref><ref>{{cite web |url=https://www.wired.com/2014/06/be-anonymous-online/ | title=How to Anonymize Everything You Do Online | publisher=Wired | date=17 June 2014 | access-date=10 July 2014 | author=Greenburg, Andy}}</ref><ref>{{cite web |url=http://www.techrepublic.com/blog/smb-technologist/whonix-adds-a-layer-of-anonymity-to-your-business-tasks/ | title=Whonix adds a layer of anonymity to your business tasks | publisher=TechRepublic | date=4 January 2013 | access-date=10 July 2014}}</ref>
=== Other Linux distributions === * Alpine Linux is designed to be small, simple, and secure.<ref>{{Cite web |title=about | Alpine Linux |url=https://alpinelinux.org/about/ |website=alpinelinux.org}}</ref> It uses musl, BusyBox, and OpenRC instead of the more commonly used glibc, GNU Core Utilities, and systemd.<ref>{{Cite web|url=https://linuxbsdos.com/2010/08/23/alpine-linux-2-review/|title=Alpine Linux 2 review | LinuxBSDos.com|first=GigaTux|last=says|date=24 August 2010}}</ref> * Owl - Openwall GNU/Linux, a security-enhanced Linux distribution for servers. * {{Visible anchor|Secureblue}}, a Fedora Silverblue based distro that uses a hardened kernel, custom memory allocator (<code>hardened_malloc</code>), Trivalent, a security-focused, Chromium-based browser inspired by Vanadium, and many other exploit mitigations.<ref>{{Cite web |title=Features {{!}} secureblue |url=https://secureblue.dev/features |access-date=2026-03-31 |website=secureblue.dev |language=en}}</ref>
== BSD == {{Main|Berkeley Software Distribution}}
* OpenBSD is a Unix-like operating system that emphasizes portability, standardization, correctness, proactive security, and integrated cryptography.<ref>{{cite web|url=https://www.openbsd.org/|title=OpenBSD|author=OpenBSD Project|date=19 May 2020|website=OpenBSD.org|access-date=12 October 2020}}</ref>
== Xen == {{Main|Xen}}
* Qubes OS aims to provide security through isolation.<ref>{{cite web |url=https://www.theregister.co.uk/2012/09/05/qubes_secure_os_released/ |title=Qubes OS bakes in virty system-level security |publisher=The Register |date=September 5, 2012}}</ref> Isolation is provided through the use of virtualization technology. This allows the segmentation of applications into secure virtual machines.
== See also ==
* Computer security * Comparison of operating systems * Comparison of mobile operating systems * Security engineering
== References == {{reflist|1=30em}}
{{Information security}}
Category:Computer security Category:Operating system security Category:Lists of operating systems