| Feature | PitBull LX | PitBull Foundation |
|---|---|---|
| Compartmentalization: Isolates processes from each other and from each other's files unless explicitly allowed by the security policy, regardless of User or Group ID. | | |
| Root Control: Root is all-powerful on a typical Unix system. With PitBull, it is possible to restrict this user like a regular user. | | |
| Domain Based Access Control: Unique form of Mandatory Access Controls able to support 4 types of access control: user, file, network, and process. | | |
| File Security Flags: Security flags can be placed on files to dictate specific behaviors. Flags are a flexible and easy tool to implement system-wide security policies and restrict superuser privileges. | | |
| Process Security Flags: File execution flags define process interaction, including whether a process may act on a file or network object or whether a process should be subjected to additional pre-defined restrictions. They provide a simple, flexible method to implement system-wide security policies. | | |
| Network Security: Controls which network resources can be used/accessed by which process(es). | | |
| NetRules: Firewall-style rule set that defines a fine-grained method of network access control. NetRules can limit or completely prevent processes from accessing the network, even in the event of a process gaining superuser status. | | |
| Enhanced Auditing: Additional PitBull-specific audit events. | | |
| 4-Eyes: Allows some user logins (typically administrator) or system functions to require a second user login as a confirmation. | | |
| PAM Support: Pluggable Authentication Module (PAM) support allows a more flexible and extensible user authentication model, and offers more centralized management options. | | |
| Boot Control: It's possible to restrict booting the system such that a user/password combination is required. | | |
| Easy Installation and Updates | | |
| Lock Down Scripts: Automatic configuration scripts to allow easy set-up for commonly used architectures and applications, including Apache webservers and generic system lock-down. | | |
| 100% Binary Compatibility With Base OS: System utilities and "Commercial Off The Shelf" (COTS) applications may run normally without requiring modification. Also, integration tools are provided to allow these COTS applications to be secured in the new environment. | | |