Secure Computing Mode, also known as Seccomp, is a Linux kernel feature that improves several security features to help run applications in a more secure environment.
It is more like a sandbox environment that acts as a firewall for syscalls: the target program cannot make any system calls except exit(), sigreturn(), read() and write() to already open file descriptors. Should it attempt any other system calls, the kernel will terminate the process with SIGKILL or SIGSYS.
In this sense, it does not virtualize the system's resources, but isolates the process from them entirely.